CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Vulnrichment•added 2026/04/03 8:20 p.m.•2 views

CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function

A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...

9.3CVSS5.9AI score0.00436EPSS

Exploits1References3

CVE•added 2026/04/03 8:20 p.m.•6 views

CVE-2026-28766

CVE-2026-28766 refers to Gardyn Cloud API missing authentication for a critical function. The initial description and related documents confirm that a specific endpoint exposes all user account information for registered Gardyn users without requiring authentication, enabling potential confidenti...

9.3CVSS5.9AI score0.00436EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/04/03 8:18 p.m.•15 views

CVE-2026-28767 Gardyn Cloud API Missing Authentication for Critical Function

A specific administrative endpoint notifications is accessible without proper authentication...

6.9CVSS0.00377EPSS

Exploits1References3

Vulnrichment•added 2026/04/03 8:18 p.m.•3 views

CVE-2026-28767 Gardyn Cloud API Missing Authentication for Critical Function

A specific administrative endpoint notifications is accessible without proper authentication...

6.9CVSS5.9AI score0.00377EPSS

Exploits1References3

CVE•added 2026/04/03 8:18 p.m.•13 views

CVE-2026-28767

CVE-2026-28767 affects Gardyn Cloud API: the administrative endpoint /api/admin/notifications is accessible without authentication. This allows information disclosure of internal administrative communications and related data. The documented remediation is to require admin authentication on all /...

6.9CVSS5.9AI score0.00377EPSS

Exploits1References3Affected Software1

CVE•added 2026/04/03 8:15 p.m.•15 views

CVE-2026-32646

CVE-2026-32646 concerns the Gardyn Cloud API where administrative endpoints (e.g., /api/admin/) lack proper authentication, exposing device management and internal admin communications. Multiple connected sources (Red Hat, CVE/CVE list, Circle, CVE writeups, and PT-2026-30214) corroborate a patte...

8.7CVSS5.9AI score0.00486EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/04/03 8:15 p.m.•6 views

CVE-2026-32646 Gardyn Cloud API Missing Authentication for Critical Function

A specific administrative endpoint is accessible without proper authentication, exposing device management functions...

8.7CVSS5.9AI score0.00486EPSS

Exploits1References3

Cvelist•added 2026/04/03 8:15 p.m.•17 views

CVE-2026-32646 Gardyn Cloud API Missing Authentication for Critical Function

A specific administrative endpoint is accessible without proper authentication, exposing device management functions...

8.7CVSS0.00486EPSS

Exploits1References3