CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

Github Security Blog•added yesterday•4 views

GitHub MCP Server: Lockdown mode singleton in HTTP server causes cross-user GraphQL client confusion

Summary When running in HTTP mode with --lockdown-mode enabled, the RepoAccessCache is implemented as a process-global singleton initialized with the first authenticated user's GraphQL client. All subsequent requests from different users share this singleton and their lockdown-related GraphQL...

6CVSS5.9AI score0.00034EPSS

Exploits0References2Affected Software1

Positive Technologies•added yesterday•7 views

PT-2026-52644

Name of the Vulnerable Software and Affected Versions GitHub MCP Server versions 0.22.0 through 1.1.1 Description When operating in HTTP mode with --lockdown-mode enabled, the RepoAccessCache is implemented as a process-global singleton. This singleton is initialized using the GraphQL client of t...

6CVSS5.7AI score0.00034EPSS

Exploits0References4

RedhatCVE•added 2026/06/05 7:49 p.m.•9 views

CVE-2026-29198

In Rocket.Chat 8.3.0, 8.2.1, 8.1.2, 8.0.3, 7.13.5, 7.12.6, 7.11.6, and 7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OAuth app is configured...

9.8CVSS5.5AI score0.00416EPSS

Exploits0References1

RedhatCVE•added 2026/05/30 8:13 a.m.•14 views

CVE-2026-45332

Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...

7.5CVSS5.8AI score0.00298EPSS

Exploits1References1

Cvelist•added 2026/05/28 6:22 p.m.•29 views

CVE-2026-45332 Automad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint

7.5CVSS0.00298EPSS

Exploits1References1

CVE•added 2026/05/28 6:22 p.m.•17 views

CVE-2026-45332

Affected software: Automad (flat-file CMS/template engine). Vulnerability: Broken Access Control allowing an unauthenticated attacker to retrieve bcrypt password hashes of all administrator accounts (and, in 2.0.0-beta.27, TOTP secrets) via the publicly accessible /_api/user-collection/create-fir...

7.5CVSS5.8AI score0.00298EPSS

Exploits1References1

CNNVD•added 2026/05/28 12:0 a.m.•14 views

Automad 访问控制错误漏洞

Automad is a flat-file content management system and template engine developed by Marc Anton Dahmen. Versions of Automad from 2.0.0-alpha.1 to 2.0.0-beta.27 contain access control vulnerabilities. These vulnerabilities stem from ineffective access control mechanisms, allowing unauthorized attacke...

7.5CVSS5.8AI score0.00298EPSS

Exploits1References2

RedhatCVE•added 2026/05/19 7:57 a.m.•10 views

CVE-2026-45675

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line...

8.1CVSS5.9AI score0.00354EPSS

Exploits1References1

NVD•added 2026/05/15 8:16 p.m.•14 views

CVE-2026-45675

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, lin...

8.1CVSS0.00354EPSS

Exploits1References3

Vulnrichment•added 2026/05/15 7:12 p.m.•10 views

CVE-2026-45675 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

8.1CVSS5.3AI score0.00354EPSS

Exploits1References3

Cvelist•added 2026/05/15 7:12 p.m.•40 views

CVE-2026-45675 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

8.1CVSS0.00354EPSS

Exploits1References3

CVE•added 2026/05/15 7:12 p.m.•33 views

CVE-2026-45675

Open WebUI CVE-2026-45675 describes a TOCTOU race in first-user admin role assignment for LDAP and OAuth paths prior to version 0.9.0. The signup path was fixed to insert with a default role first and upgrade if only one user remains; LDAP and OAuth paths did not receive that fix. Attack scenario...

8.1CVSS5.3AI score0.00354EPSS

Exploits1References3Affected Software1

Github Security Blog•added 2026/05/14 8:28 p.m.•19 views

Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

Summary The LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line 663 was explicitly patched to prevent this race with the comment "Insert with default role first to avoid...

8.1CVSS5.8AI score0.00354EPSS

Exploits1References6Affected Software1

OSV•added 2026/05/14 8:28 p.m.•5 views

GHSA-H3WW-Q6XX-W7X3 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

8.1CVSS5.8AI score0.00354EPSS

Exploits1References6

NVD•added 2026/04/23 12:16 a.m.•3 views

CVE-2026-29198

9.8CVSS0.00416EPSS

Exploits0References2

CNNVD•added 2026/04/23 12:0 a.m.•13 views

Rocket.Chat SQL注入漏洞

Rocket.Chat is a chat software developed by the Rocket.Chat company. Versions prior to 8.3.0, 8.2.1, 8.1.2, 8.0.3, 7.13.5, 7.12.6, 7.11.6, and 7.10.9 have a SQL injection vulnerability. This vulnerability stems from NoSQL injection and could lead to the takeover of the first user account with a...

9.8CVSS5.9AI score0.00416EPSS

Exploits0References1

CVE•added 2026/04/22 11:30 p.m.•22 views

CVE-2026-29198

In Rocket.Chat, versions earlier than 8.3.0, 8.2.1, 8.1.2, 8.0.3, 7.13.5, 7.12.6, 7.11.6, and 7.10.9 are affected by a NoSQL injection vulnerability. The issue can allow account takeover of the first user by generating a token when an OAuth app is configured. This is a component-level root-cause ...

9.8CVSS5.8AI score0.00416EPSS

Exploits0References2Affected Software1