135 matches found

ATTACKERKB
added 2026/03/27 12:19 a.m. · 0 views

CVE-2026-33725

Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the...

CVSS 7.2 · AI score 6.3 · EPSS 0.00184
Exploits: 1 · References: 2 · Affected Software: 1
EUVD
added 2026/03/27 12:19 a.m. · 1 views

EUVD-2026-16502

Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution (RCE) and Arbitrary File Read via the...

CVSS 7.2 · AI score 6.3 · EPSS 0.00184
Exploits: 1 · References: 1
RedhatCVE
added 2026/03/26 3:00 p.m. · 0 views

CVE-2026-33719

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the CDN plugin endpoints plugin/CDN/status.json.php and plugin/CDN/disable.json.php use key-based authentication with an empty string default key. When the CDN plugin is enabled but the key has not been configured...

CVSS 8.6 · AI score 5.7 · EPSS 0.00141
Exploits: 1 · References: 1
Snyk
added 2026/03/25 9:55 p.m. · 0 views

Missing Authentication for Critical Function

Overview: wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the status.json.php and disable.json.php endpoints when the authentication key is left at its default empty value. ...

CVSS 8.8 · AI score 5.9 · EPSS 0.00141
Exploits: 1 · References: 2
Positive Technologies
added 2026/02/05 12:00 a.m. · 3 views

PT-2026-6654

Name of the Vulnerable Software and Affected Versions: Qdrant versions 1.9.3 through 1.15.5. Description: Qdrant, a vector similarity search engine and vector database, contains a flaw where an attacker can append to arbitrary files via the /logger endpoint. This is possible due to an...

CVSS 8.5 · AI score 6.2 · EPSS 0.00024
Exploits: 1 · References: 13
OSV
added 2026/01/22 6:41 p.m. · 2 views

GHSA-4C4X-JM2X-PF9J Rekor affected by Server-Side Request Forgery (SSRF) via provided public key URL

Summary: /api/v1/index/retrieve supports retrieving a public key via a user-provided URL, allowing attackers to trigger SSRF to arbitrary internal services. Since the SSRF can only trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the calle...

CVSS 5.3 · AI score 5.8 · EPSS 0.00016
Exploits: 0 · References: 5
RedhatCVE
added 2025/10/31 8:11 p.m. · 2 views

CVE-2025-8850

In danny-avila/librechat version 0.7.9, there is an insecure API design issue in the 2-Factor Authentication (2FA) flow. The system allows users to disable 2FA without requiring a valid OTP or backup code, bypassing the intended verification process. This vulnerability occurs because the backend do...

CVSS 8.8 · AI score 6.9 · EPSS 0.00079
Exploits: 1 · References: 1
EUVD
added 2025/10/30 9:30 p.m. · 2 views

EUVD-2025-37197

In danny-avila/librechat version 0.7.9, there is an insecure API design issue in the 2-Factor Authentication (2FA) flow. The system allows users to disable 2FA without requiring a valid OTP or backup code, bypassing the intended verification process. This vulnerability occurs because the backend do...

CVSS 3.1 · AI score 6.4 · EPSS 0.00079
Exploits: 1 · References: 3
NVD
added 2025/10/30 8:15 p.m. · 2 views

CVE-2025-8850

In danny-avila/librechat version 0.7.9, there is an insecure API design issue in the 2-Factor Authentication (2FA) flow. The system allows users to disable 2FA without requiring a valid OTP or backup code, bypassing the intended verification process. This vulnerability occurs because the backend do...

CVSS 8.8 · EPSS 0.00079
Exploits: 1 · References: 2
OSV
added 2025/10/30 8:15 p.m. · 1 views

CVE-2025-8850

In danny-avila/librechat version 0.7.9, there is an insecure API design issue in the 2-Factor Authentication (2FA) flow. The system allows users to disable 2FA without requiring a valid OTP or backup code, bypassing the intended verification process. This vulnerability occurs because the backend do...

CVSS 8.8 · AI score 6.9
Exploits: 0 · References: 2
Cvelist
added 2025/10/30 7:59 p.m. · 4 views

CVE-2025-8850 Insecure API Design in danny-avila/librechat

In danny-avila/librechat version 0.7.9, there is an insecure API design issue in the 2-Factor Authentication (2FA) flow. The system allows users to disable 2FA without requiring a valid OTP or backup code, bypassing the intended verification process. This vulnerability occurs because the backend do...

CVSS 3.1 · EPSS 0.00079
Exploits: 1 · References: 2
Positive Technologies
added 2025/10/30 12:00 a.m. · 2 views

PT-2025-44458

Name of the Vulnerable Software and Affected Versions: librechat version 0.7.9. Description: The software has an insecure API design in the 2-Factor Authentication (2FA) flow. The system permits users to disable 2FA without a valid One-Time Password (OTP) or backup code, circumventing the verification...

CVSS 8.8 · AI score 4.3 · EPSS 0.00079
Exploits: 1 · References: 7
EUVD
added 2025/10/03 8:07 p.m. · 1 views

EUVD-2023-53718

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.5 · EPSS 0.00129
Exploits: 0 · References: 1
Huntr
added 2025/08/01 7:59 p.m. · 1 views

Insecure API Design: Able to Disable 2-Factor Authentication Without OTP or Backup Code

Description: There is a minor issue in the 2-Factor Authentication (2FA) flow. When a user tries to disable 2FA from the dashboard, the system should ask for a valid OTP or backup code and verify it through the following API: POST /api/auth/2fa/verify HTTP/1.1 Host: 127.0.0.1:3080 User-Agent:...

CVSS 8.8 · AI score 6.1 · EPSS 0.00079
Exploits: 1
Positive Technologies
added 2025/07/04 12:00 a.m. · 2 views

PT-2025-28022 · Zipkin +1 · Zipkin +1

Name of the Vulnerable Software and Affected Versions: Zipkin versions prior to 3.5.2. Description: The issue is related to the exposure of heap dump information through the "/heapdump" endpoint, which is associated with the use of Spring Boot Actuator. This endpoint is similar to a previously...

CVSS 5.3 · AI score 6.1 · EPSS 0.0028
Exploits: 0 · References: 10
Positive Technologies
added 2025/04/07 12:00 a.m. · 1 views

PT-2025-15292 · Unknown · Xiaozhi-Esp32-Server-Java

Name of the Vulnerable Software and Affected Versions: joey-zhou xiaozhi-esp32-server-java up to a14fe8115842ee42ab5c7a51706b8a85db5200b7. Description: A critical issue has been found in the software, affecting the update function of the "/api/user/update" API endpoint. The manipulation of the sta...

CVSS 6.5 · AI score 6.7 · EPSS 0.00146
Exploits: 0 · References: 8
Positive Technologies
added 2025/04/03 12:00 a.m. · 1 views

PT-2025-14817 · Unknown · Projectworlds Online Doctor Appointment Booking System

Name of the Vulnerable Software and Affected Versions: projectworlds Online Doctor Appointment Booking System version 1.0. Description: A critical issue was discovered in the projectworlds Online Doctor Appointment Booking System, affecting an unknown function of the file...

CVSS 9.8 · AI score 7.5 · EPSS 0.0028
Exploits: 1 · References: 8
Positive Technologies
added 2025/03/24 12:00 a.m. · 1 views

PT-2025-12691 · H3C · H3C Magic Be18000 +4

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014; H3C Magic NX30 Pro versions up to V100R014; H3C Magic NX400 versions up to V100R014; H3C Magic R3010 versions up to V100R014; H3C Magic BE18000 versions up to V100R014. Description: A critical issue affects...

CVSS 8.6 · AI score 7.9 · EPSS 0.00329
Exploits: 0 · References: 19
Positive Technologies
added 2025/02/25 12:00 a.m. · 2 views

PT-2025-7941 · Codeastro · Bus Ticket Booking System

Name of the Vulnerable Software and Affected Versions: Codeastro Bus Ticket Booking System version 1.0. Description: The issue concerns a SQL injection vulnerability via the kodetiket parameter in the "/BusTicket-CI/tiket/cekorder" API endpoint. This allows for potential exploitation. No informati...

CVSS 9.8 · AI score 7.1 · EPSS 0.00093
Exploits: 1 · References: 7
Positive Technologies
added 2025/02/04 12:00 a.m. · 3 views

PT-2025-7112 · Tp Link · Tp-Link Tl-Wr841Nd

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841ND version V11. Description: A buffer overflow issue was discovered via the pskSecret parameter at the "/userRpm/WlanSecurityRpm.htm" API endpoint. This issue allows attackers to cause a Denial of Service (DoS) via a crafted...

CVSS 7.8 · AI score 7.1 · EPSS 0.00138
Exploits: 1 · References: 9