CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

CVE-2026-29198

In Rocket.Chat 8.3.0, 8.2.1, 8.1.2, 8.0.3, 7.13.5, 7.12.6, 7.11.6, and 7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OAuth app is configured...

9.8CVSS5.5AI score0.00066EPSS

Exploits0References1

RedhatCVE•added 2026/05/30 8:13 a.m.•8 views

CVE-2026-45332

Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...

7.5CVSS5.8AI score0.00058EPSS

Exploits1References1

CVE•added 2026/05/28 6:22 p.m.•10 views

CVE-2026-45332

Affected software: Automad (flat-file CMS/template engine). Vulnerability: Broken Access Control allowing an unauthenticated attacker to retrieve bcrypt password hashes of all administrator accounts (and, in 2.0.0-beta.27, TOTP secrets) via the publicly accessible /_api/user-collection/create-fir...

7.5CVSS5.8AI score0.00058EPSS

Exploits1References1

Cvelist•added 2026/05/28 6:22 p.m.•26 views

CVE-2026-45332 Automad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint

7.5CVSS0.00058EPSS

Exploits1References1

CNNVD•added 2026/05/28 12:0 a.m.•7 views

Automad 访问控制错误漏洞

Automad is a flat-file content management system and template engine developed by Marc Anton Dahmen. Versions of Automad from 2.0.0-alpha.1 to 2.0.0-beta.27 contain access control vulnerabilities. These vulnerabilities stem from ineffective access control mechanisms, allowing unauthorized attacke...

7.5CVSS5.8AI score0.00058EPSS

Exploits1References2

RedhatCVE•added 2026/05/19 7:57 a.m.•6 views

CVE-2026-45675

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line...

8.1CVSS5.9AI score0.00115EPSS

Exploits1References1

NVD•added 2026/05/15 8:16 p.m.•6 views

CVE-2026-45675

8.1CVSS0.00115EPSS

Exploits1References3

Cvelist•added 2026/05/15 7:12 p.m.•33 views

CVE-2026-45675 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

8.1CVSS0.00115EPSS

Exploits1References3

CVE•added 2026/05/15 7:12 p.m.•4 views

CVE-2026-45675

Open WebUI CVE-2026-45675 describes a TOCTOU race in first-user admin role assignment for LDAP and OAuth paths prior to version 0.9.0. The signup path was fixed to insert with a default role first and upgrade if only one user remains; LDAP and OAuth paths did not receive that fix. Attack scenario...

8.1CVSS5.9AI score0.00115EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/05/15 7:12 p.m.•6 views

CVE-2026-45675 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

8.1CVSS5.9AI score0.00115EPSS

Exploits1References3

Github Security Blog•added 2026/05/14 8:28 p.m.•4 views

Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

Summary The LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line 663 was explicitly patched to prevent this race with the comment "Insert with default role first to avoid...

8.1CVSS5.8AI score0.00115EPSS

Exploits1References6Affected Software1

OSV•added 2026/05/14 8:28 p.m.•1 views

GHSA-H3WW-Q6XX-W7X3 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

8.1CVSS5.8AI score0.00115EPSS

Exploits1References6

Positive Technologies•added 2026/05/14 12:0 a.m.•5 views

PT-2026-41203

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description LDAP and OAuth authentication flows use a Time-of-Check-Time-of-Use TOCTOU pattern—a race condition where a system checks a condition and then uses the result of that check, but the condition...

8.1CVSS5.8AI score0.00115EPSS

Exploits1References7

NVD•added 2026/04/23 12:16 a.m.•1 views

CVE-2026-29198

9.8CVSS0.00066EPSS

Exploits0References2

CNNVD•added 2026/04/23 12:0 a.m.•7 views

Rocket.Chat SQL注入漏洞

Rocket.Chat is a chat software developed by the Rocket.Chat company. Versions prior to 8.3.0, 8.2.1, 8.1.2, 8.0.3, 7.13.5, 7.12.6, 7.11.6, and 7.10.9 have a SQL injection vulnerability. This vulnerability stems from NoSQL injection and could lead to the takeover of the first user account with a...

9.8CVSS5.9AI score0.00066EPSS

Exploits0References1

Cvelist•added 2026/04/22 11:30 p.m.•32 views

CVE-2026-29198

0.00066EPSS

Exploits0References2

ATTACKERKB•added 2026/04/22 11:30 p.m.•1 views

CVE-2026-29198

5.8AI score0.00066EPSS

Exploits0References3

CVE•added 2026/04/22 11:30 p.m.•10 views

CVE-2026-29198

In Rocket.Chat, versions earlier than 8.3.0, 8.2.1, 8.1.2, 8.0.3, 7.13.5, 7.12.6, 7.11.6, and 7.10.9 are affected by a NoSQL injection vulnerability. The issue can allow account takeover of the first user by generating a token when an OAuth app is configured. This is a component-level root-cause ...

9.8CVSS5.8AI score0.00066EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/04/22 12:0 a.m.•2 views

PT-2026-34579

5.8AI score0.00066EPSS

Exploits0References3

EUVD•added 2026/03/11 6:30 p.m.•1 views

EUVD-2026-11210

Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO UserInfo endpoint. We...

2.1CVSS5.8AI score0.00071EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by