12 matches found
CVE-2026-49209
The CVE-2026-49209 issue affects Symfony UX LiveComponent’s BatchActionController::__invoke(), which iterates over client-supplied actions and issues a full HttpKernel sub-request per entry. With unbounded action arrays, an authenticated attacker can submit a single _batch request containing thou...
CVE-2026-49257
Summary of CVE-2026-49257 – mcp-pinot : Versions 3.0.1 and earlier run an HTTP MCP server bound to 0.0.0.0:8080 with no authentication, exposing all MCP tools (SQL query execution, schema creation, table-config mutation) to any network-adjacent caller. The server proxies these calls using server-...
CVE-2026-41274
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that ar...
CVE-2026-41274 Flowise: Cypher Injection in GraphCypherQAChain
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that ar...
CVE-2026-41278
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the...
CVE-2026-41278 Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwords, and credential IDs
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the...
CVE-2026-41268
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...
EUVD-2026-11321
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentication is not tenant-scoped. In this mode, Himmelblau can accept authentication attempts for...
EUVD-2026-9052
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in POST /api/v1/auth/jellyfin allows an unauthenticated attacker to register a new Seerr account on any Plex-configure...
PT-2026-22381
Name of the Vulnerable Software and Affected Versions Seerr versions prior to 3.1.0 Description Seerr, an open-source media request and discovery manager for Jellyfin, Plex, and Emby, contains a flaw where authenticated users can access and modify data belonging to other users. This is due to the...
CVE-2026-25899
CVE-2026-25899 affects GoFiber (Fiber) v3 branch prior to 3.1.0. The issue arises from the use of the fiber_flash cookie, which can trigger unbounded memory allocation (up to ~85 GB) via unvalidated MsgPack deserialization. A crafted 10-character cookie causes the allocation, with no authenticati...
WordPress Simple Banner plugin <= 3.0.10 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Cody Sixteen in WordPress Plugin Simple Banner versions = 3.0.10...