Lucene search
K

208 matches found

Nuclei
Nuclei
added 4 hours ago29 views

Uptime-Kuma < v1.23.0 - Improper Access Control

Uptime-Kuma before v1.23.0 is vulnerable to an information disclosure issue due to missing authorization on the /api/badge/1/ping/24 endpoint. An unauthenticated attacker can access this endpoint to leak ping statistics, such as average ping and ping history, for existing monitors without needing...

5.3CVSS6AI score0.00905EPSS
Exploits1References2
NVD
NVD
added 3 days ago4 views

CVE-2026-46700

Actual is a local-first personal finance tool. Prior to 26.6.0, the GET /secret/:name endpoint in @actual-app/sync-server checks only that the caller has a valid session and does not verify the caller is an admin, while the sibling POST /secret/ handler enforces an admin check in OpenID mode. Any...

4.3CVSS0.00342EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-46700

Actual is a local-first personal finance tool. Prior to 26.6.0, the GET /secret/:name endpoint in @actual-app/sync-server checks only that the caller has a valid session and does not verify the caller is an admin, while the sibling POST /secret/ handler enforces an admin check in OpenID mode. Any...

4.3CVSS6AI score0.00342EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/30 7:59 p.m.37 views

CVE-2026-10129 SSRF via HTTP Redirect Following in Langflow API Request Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges flow author role can bypass SSRF protections by enabling the followredirects parameter and supplying a...

8.5CVSS0.00185EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-478 PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution

Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...

9.8CVSS6.5AI score0.00084EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-474 PraisonAI Has Missing Authentication in WebSocket Gateway

Summary The PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. Details gateway/server.py:242 source -...

9.1CVSS5.9AI score0.00444EPSS
Exploits1References5
CVE
CVE
added 2026/06/24 8:1 p.m.9 views

CVE-2026-52815

Summary (CVE-2026-52815, Gogs) Gogs before 0.14.3 exposes unauthenticated access to org teams via GET /api/v1/orgs/:orgname/teams. The route group lacks reqToken() and ListTeams() does not perform authentication, allowing retrieval of all teams’ IDs, names, descriptions, and permission levels for...

6.9CVSS5.9AI score0.01553EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 7:16 p.m.12 views

CVE-2026-47248

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.78 and 9.9.1-alpha.2, Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL...

6.9CVSS0.00291EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 4:16 p.m.16 views

CVE-2026-44206

Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...

6.9CVSS0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:34 p.m.10 views

EUVD-2026-36490

Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...

6.9CVSS5.2AI score0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:34 p.m.9 views

CVE-2026-44206 Frappe: DB Schema Enumeration via Frappe-Authorization-Source

Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...

6.9CVSS5.2AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 2:16 p.m.11 views

CVE-2026-47200

Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, when experimental.componentIslands is enabled default in Nuxt 4, any...

6.3CVSS0.0023EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/12 12:58 p.m.11 views

CVE-2026-47200 Nuxt: Route middleware not enforced when rendering `.server.vue` pages via `/__nuxt_island/page_*`

Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, when experimental.componentIslands is enabled default in Nuxt 4, any...

6.3CVSS5.3AI score0.0023EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Roxy-WI 安全漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Roxy-WI versions 8.2.6.4 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of authorization checks for the GET /history/ route when the service is set to user...

4.3CVSS5.3AI score0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 12:20 a.m.10 views

CVE-2026-44743 Security Misconfiguration vulnerability in SAP Business Objects

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...

3.7CVSS5.5AI score0.00188EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.15 views

CVE-2026-7385

The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attackers to enumerate registered user email addresses...

5.8CVSS5.5AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-33214

Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fixed in version 5.17. If users are unable to update immediately, they can work around this issue b...

4.3CVSS5.3AI score0.00236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-40151

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the AgentOS deployment platform exposes a GET /api/agents endpoint that returns agent names, roles, and the first 100 characters of agent system instructions to any unauthenticated caller. The AgentOS FastAPI application has no...

5.3CVSS5.4AI score0.00758EPSS
Exploits1References1
NVD
NVD
added 2026/05/28 7:16 p.m.12 views

CVE-2026-47136

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the RustFS console endpoint GET /rustfs/console/license returns parsed license metadata without requiring authentication. The endpoint is registered on the console listener and returns JSON containing license...

6.9CVSS0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 2:14 p.m.10 views

CVE-2026-36539

Netis AC1200 Router NC21 V4.0.1.4296 exposes a CGI endpoint /cgi-bin/skkget.cgi that returns the entire router configuration as a JSON response with no authentication required. Any attacker on the LAN can send a single HTTP GET request and instantly retrieve administrator credentials, WiFi...

7.3CVSS5.8AI score0.00358EPSS
Exploits0References1
Rows per page
Query Builder