Lucene search
K

2026 matches found

Cvelist
Cvelist
added 2026/04/08 8:30 a.m.22 views

CVE-2026-39526 WordPress WpStream plugin < 4.11.2 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through 4.11.2...

5.4CVSS0.00229EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/03 1:25 p.m.3 views

CVE-2026-28736 Focalboard IDOR in file content endpoint allows cross-user file access (unsupported product, no fix)

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:12 a.m.1 views

CVE-2026-4400

Insecure Direct Object Reference IDOR vulnerability in 1millionbot Millie chat that allows private conversations of other users being viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/' and, if exploited, coul...

7CVSS6AI score0.00209EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 10:12 a.m.2 views

CVE-2026-4400 Multiple vulnerabilities in 1millionbot Millie chatbot

Insecure Direct Object Reference IDOR vulnerability in 1millionbot Millie chat that allows private conversations of other users being viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/' and, if exploited, coul...

7CVSS6AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/03/31 10:12 a.m.11 views

CVE-2026-4400

The CVE describes an Insecure Direct Object Reference (IDOR) in 1millionbot Millie chatbot. An attacker can view private conversations of other users by altering the conversation ID in the endpoint /api/public/conversations/, without credentials or impersonation. Exploitation requires knowing a u...

7CVSS6AI score0.00209EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/30 4:41 p.m.5 views

GHSA-5HF2-VHJ6-GJ9M nginx-UI has Unencrypted Storage of DNS API Tokens and ACME Private Keys

Summary Nginx-UI contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user to access, modify, and delete resources belonging to other users. The application's base Model struct lacks a userid field, and all resource endpoints perform queries by ID without...

8.8CVSS5.9AI score0.0028EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29091

Nginx-UI and Affected Versions Nginx-UI versions 2.3.3 and prior Description Nginx-UI contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user to access, modify, and delete resources belonging to other users. The application's base Model struct lacks a us...

9.9CVSS5.9AI score0.60368EPSS
Exploits18References49
EUVD
EUVD
added 2026/03/29 6:30 p.m.5 views

EUVD-2026-17039

A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...

8.3CVSS7AI score0.00268EPSS
Exploits1References3
PyPA
PyPA
added 2026/03/29 6:16 p.m.9 views

PYSEC-0000-CVE-2026-0562

A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...

8.3CVSS7.3AI score0.00268EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/27 7:25 p.m.6 views

CVE-2026-31950 LibreChat's IDOR in SSE Stream Subscription Allows Reading Other Users' Chats

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint /api/agents/chat/stream/:streamId does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and...

5.3CVSS5.9AI score0.00208EPSS
Exploits1References3
OSV
OSV
added 2026/03/26 8:33 p.m.6 views

GO-2026-4850 Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion in code.vikunja.io/api

Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

6.9CVSS5.9AI score0.00205EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/26 6:55 p.m.28 views

CVE-2026-28503 Tandoor Recipes has Cross-Space IDOR in SyncViewSet.query_synced_folder: missing space scoping on get_object_or_404

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the SyncViewSet.querysyncedfolder action in cookbook/views/api.py line 903 fetches a Sync object using getobjector404Sync, pk=pk without including space=request.space i...

6.9CVSS0.00303EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/26 4:56 p.m.6 views

Vikunja: Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR

Summary Two independently-exploitable authorization flaws in Vikunja can be chained to allow an unauthenticated attacker to download and delete every file attachment across all projects in a Vikunja instance. The ReadAll endpoint for link shares exposes share hashes including admin-level shares t...

5.9AI score
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.5 views

CVE-2026-23487

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...

6.5CVSS5.7AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 11:36 p.m.9 views

EUVD-2026-16036

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment...

6.5CVSS5.8AI score0.00351EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/25 10:27 p.m.2 views

CVE-2026-32120 OpenEMR has IDOR in Fee Sheet Product Save

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...

6.5CVSS6AI score0.00254EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/25 10:27 p.m.24 views

CVE-2026-32120 OpenEMR has IDOR in Fee Sheet Product Save

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...

6.5CVSS0.00254EPSS
Exploits1References3
NVD
NVD
added 2026/03/25 9:16 p.m.4 views

CVE-2025-14974

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference IDOR...

7.5CVSS0.00327EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-28136

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0.3 Description OpenEMR is an electronic health records and medical practice management application. A flaw exists in the fee sheet product save logic within library/FeeSheet.class.php that allows authenticated...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/24 7:30 p.m.2 views

CVE-2026-33345 solidtime vulnerable to IDOR in private projects

solidtime is an open-source time-tracking app. Prior to version 0.11.6, the project detail endpoint GET /api/v1/organizations/org/projects/project allows any authenticated Employee to access any project in the organization by UUID, including private projects they are not a member of. The index...

6.5CVSS5.7AI score0.00416EPSS
Exploits1References3
Rows per page
Query Builder