CVE-2026-7879

Concrete CMS 9.5.0 and earlier is affected by a vulnerability in submit_password() within concrete/controllers/single_page/download_file.php that permits unauthorized access to files. The issue arises because downloading permission-restricted files bypasses the view_file permission check; files w...

CVE-2026-7879 Concrete CMS 9.5.0 and below is vulnerable to File Download Authorization Bypass in submit_password()

In Concrete CMS 9.5.0 and below, the submitpassword method in concrete/controllers/singlepage/downloadfile.php allows unauthorized file access since downloading permission-restricted files bypasses the viewfile permission check. Files without passwords can be downloaded and any user who knows a...

CVE-2026-42277

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/fileid endpoint allows any authenticated user to download any other user's uploaded files by providing the file UUID. The endpoint verifies the caller is authenticated but never checks that the file...

WWBN AVideo has an Allowlisted downloadURL media extensions bypass SSRF protection and enable internal response exfiltration (Incomplete fix for CVE-2026-27732)

Summary The fix for CVE-2026-27732 is incomplete. objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then fetches the response and...

CVE-2026-34581

goshs is a SimpleHTTPServer written in Go. From version 1.1.0 to before version 2.0.0-beta.2, when using the Share Token it is possible to bypass the limited selected file download with all the gosh functionalities, including code exec. This issue has been patched in version 2.0.0-beta.2...

CVE-2026-34581

goshs is a SimpleHTTPServer written in Go. From version 1.1.0 to before version 2.0.0-beta.2, when using the Share Token it is possible to bypass the limited selected file download with all the gosh functionalities, including code exec. This issue has been patched in version 2.0.0-beta.2...

CVE-2026-34784

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.71 and 9.7.1-alpha.1, file downloads via HTTP Range requests bypass the afterFindParse.File trigger and its validators on storage adapters that support streaming e.g. the...

CVE-2026-34784

Parse Server has a vulnerability where file downloads via HTTP Range requests bypass the afterFind(Parse.File) trigger and its validators on streaming storage adapters (e.g., GridFS). This can let an attacker access files that should be protected by authorization logic. The issue is fixed in vers...

PT-2026-26089

Name of the Vulnerable Software and Affected Versions File Browser versions 2.61.0 and below Description File Browser is a file managing interface that allows users to upload, delete, preview, rename, and edit files. A permission enforcement issue exists where users with share privileges perm.sha...

CVE-2026-23623

Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user with view-only rights and no download privileges can obtai...

CVE-2026-23623

Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user with view-only rights and no download privileges can obtai...

CVE-2026-23623

Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user with view-only rights and no download privileges can obtai...

CVE-2026-23623 Collabora Online vulnerable to Authorization Bypass

Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user with view-only rights and no download privileges can obtai...

PT-2026-6642

Name of the Vulnerable Software and Affected Versions Collabora Online versions prior to 23.05.20.1 Collabora Online versions prior to 24.04.17.3 Collabora Online versions prior to 25.04.7.5 Collabora Online Development Edition versions prior to 25.04.08.2 Description Collabora Online is a...

CVE-2025-14318

Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled...

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.12 that stems from improper access checking and could lead to file download bypass...

CVE-2025-62614

BookLore (versions 1.8.1 and earlier) has an authentication bypass in the BookMediaController, allowing unauthenticated users to access and download book covers, thumbnails, and full PDF/CBX content. The root cause is missing access-control annotations on multiple media endpoints and the CoverJwt...

CVE-2025-35052

Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...

EUVD-2005-0146

Malware in sbrugna...

EUVD-2023-12221

Malicious code in bioql PyPI...