Lucene search
K

62 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-42314

AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails...

7.1CVSS6AI score
Exploits0References4
Cvelist
Cvelist
added yesterday22 views

CVE-2026-59262 AFFiNE - Unauthorized Document Edit History Access via GraphQL histories Field

AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails...

7.1CVSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.5 views

EUVD-2026-40426

Capgo console.capgo.app/login before 12.128.2 accepts accesstoken and refreshtoken in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious links to force victims into attacker-controlled sessions, exposing tokens in browser history and logs...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/18 10:12 p.m.22 views

CVE-2026-56077 PraisonAI - Information Disclosure via Shared MultiAgentLedger State

PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expo...

7.1CVSS0.00256EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 2:3 p.m.37 views

CVE-2026-45563 Roxy-WI: IDOR — any authenticated user can read another user's full action history

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history// re-uses the serverip path parameter as a user-id when service == 'user', with no authorization check. Any authenticated user — even a guest in an unrelated group —...

4.3CVSS0.00176EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 2:3 p.m.21 views

CVE-2026-45563

CVE-2026-45563 affects Roxy-WI, a web interface for managing HAProxy, Nginx, Apache and Keepalived. In versions ≤ 8.2.6.4, GET /history// re-uses the server_ip path parameter as a user-id when service == 'user', without any authorization check. This enables any authenticated user (including a gue...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 1:39 p.m.11 views

GHSA-VRMH-5MMX-HJWX Nezha's private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data

Private services EnableShowInService: false are enumerable via per-server endpoints, leaking name and timing data CWE: CWE-285 Improper Authorization via CWE-200 Exposure of Sensitive Information to an Unauthorized Actor and CWE-863 Incorrect Authorization — inconsistent gating across data-reader...

5.3CVSS5.7AI score0.00253EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.20 views

PT-2026-48602

Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.2 Description After the handleOperatorCreateAPIKey function in internal/web/operators.go:251 generates a 32-byte bearer token, the application redirects the browser to the endpoint /ui/operators/?new key=&key...

5.5CVSS5.9AI score0.00012EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/09 7:35 a.m.8 views

CVE-2026-34905 Apache Answer: Unlisted Questions Accessible via Direct API Access

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenticated users to discover and access unlisted...

5.4AI score0.00325EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:47 p.m.10 views

Security Bulletin: Unauthenticated Session History Access via Public Flow Execution

Summary A session ID namespace bypass vulnerability existed in Langflow OSS' POST /api/v1/buildpublictmp/flowid/flow endpoint that allowed unauthenticated attackers to access chat history from other users' sessions. The endpoint accepted an inputs.session parameter that could override the session...

8.1CVSS5.5AI score0.00248EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/05/28 8:59 p.m.12 views

EUVD-2026-33059

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bearer tokens passed...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:13 p.m.11 views

CVE-2025-62317 HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters.

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions...

2.6CVSS5.8AI score0.00115EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/12 6:17 p.m.13 views

PYSEC-2026-30

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/05/12 4:33 p.m.10 views

EUVD-2026-29537

Zulip is an open-source team collaboration tool. Prior to 12.0, With messageedithistoryvisibilitypolicy set to "moves", /api/v1/messages/id/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This...

6CVSS5.8AI score0.00247EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/05 7:8 p.m.13 views

AVideo: Password Hash Leak in MobileManager OAuth Redirect URL Enables Account Takeover

Summary plugin/MobileManager/oauth2.php completes an OAuth login by sending an HTTP 302 Location: oauth2Success.php?user=&pass= where is the victim's stored password hash md5hash"whirlpool", sha1password read directly from the users table. AVideo's own login endpoint objects/login.json.php accept...

6.8CVSS5.8AI score0.00285EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.9 views

PT-2026-35553

OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages that should be filtered by sender allowlists, bypassing message filtering restrictions...

5.4CVSS5.2AI score0.00177EPSS
Exploits0References4
NVD
NVD
added 2026/04/03 10:16 p.m.3 views

CVE-2026-27833

Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API method in Piwigo is registered without the adminonly option, allowing unauthenticated users to access the full browsing history of all gallery visitors. This issue has been patched ...

7.5CVSS0.01522EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/03 9:34 p.m.1 views

CVE-2026-27833

Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API method in Piwigo is registered without the adminonly option, allowing unauthenticated users to access the full browsing history of all gallery visitors. This issue has been patched ...

7.5CVSS5.8AI score0.01522EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.6 views

PT-2026-30242

Name of the Vulnerable Software and Affected Versions Piwigo versions prior to 16.3.0 Description An information disclosure issue exists in the open source photo gallery application where the 'pwg.history.search' API method is registered without the admin only option. This allows unauthenticated...

7.5CVSS5.2AI score0.01522EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/30 1:17 p.m.2 views

CVE-2026-3321

A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1/answer/EVENTID/TIMESTAMP/' endpoint. Exploiting this vulnerability would allow an unauthenticated attacker to enumerate event IDs and obtain the complete Q&A history. This publicly exposed data may...

8.7CVSS5.8AI score0.00287EPSS
Exploits0References2
Rows per page
Query Builder