34 matches found
CVE-2026-42303
Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was...
CVE-2026-42303 Fides: Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection
Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was...
CVE-2026-42303
CVE-2026-42303 affects Fides (privacy engineering platform). From version 2.75.0 up to, but not including, 2.83.2, deployments that enable both subject identity verification and duplicate privacy request detection are vulnerable to an administrator approving a privacy request whose identity was n...
CVE-2026-42303 Fides: Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection
Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was...
EUVD-2024-2158
Malicious code in bioql PyPI...
EUVD-2024-1520
Malicious code in bioql PyPI...
EUVD-2024-2694
Malicious code in bioql PyPI...
EUVD-2023-0074
Malicious code in bioql PyPI...
EUVD-2023-1942
Malicious code in bioql PyPI...
EUVD-2023-2057
Malicious code in bioql PyPI...
EUVD-2025-27262
Malicious code in bioql PyPI...
EUVD-2024-2766
Malicious code in bioql PyPI...
EUVD-2023-2765
Malicious code in bioql PyPI...
EUVD-2024-2256
Malicious code in bioql PyPI...
EUVD-2025-27268
Malicious code in bioql PyPI...
CVE-2025-57766
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS ca...
CVE-2025-57817
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the OAuth client creation and update endpoints of the Fides Webserver API do not properly authorize scope assignment. This allows highly privileged users with client:create or client:update permissions to escalate thei...
CVE-2025-57817 Fides Webserver API is Vulnerable to OAuth Client Privilege Escalation
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the OAuth client creation and update endpoints of the Fides Webserver API do not properly authorize scope assignment. This allows highly privileged users with client:create or client:update permissions to escalate thei...
CVE-2025-57766 Fides's Admin UI User Password Change Does Not Invalidate Current Session
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS ca...
CVE-2025-57766 Fides's Admin UI User Password Change Does Not Invalidate Current Session
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS ca...