111 matches found
Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators
Summary The /api/v1/users/super endpoint enforces a restriction that only one super user Instance Administrator can be created during initial setup. However, due to a Time-of-Check-Time-of-Use TOCTOU race condition in the signupAndLoginSuper method, concurrent requests can bypass this restriction...
GHSA-9WCP-79G5-5C3C Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators
Summary The /api/v1/users/super endpoint enforces a restriction that only one super user Instance Administrator can be created during initial setup. However, due to a Time-of-Check-Time-of-Use TOCTOU race condition in the signupAndLoginSuper method, concurrent requests can bypass this restriction...
EUVD-2026-36306
Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...
CVE-2026-49973 Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings
Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...
CVE-2026-49973
CVE-2026-49973 affects Hermes WebUI prior to version 0.51.358. The issue is an improper access control in the settings API that allows unauthenticated remote attackers to hijack the initial setup by posting to the /api/settings endpoint using the _set_password parameter without origin restriction...
PT-2026-48730
Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.358 Description Improper access control allows unauthenticated remote attackers to hijack the initial setup process. By sending a POST request to the settings API endpoint without network origin restrictions...
CVE-2026-34126 Bluetooth Communication Uses Unencrypted Transmission During Initial Setup on TP-Link's Tapo L535E, P300 and D100C
TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v1.0, where Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. Bluetooth is only used during initialization. An attacker within the Bluetooth rang...
CVE-2026-34126
TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v1.0, where Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. Bluetooth is only used during initialization. An attacker within the Bluetooth rang...
CVE-2026-34126 Bluetooth Communication Uses Unencrypted Transmission During Initial Setup on TP-Link's Tapo L535E, P300 and D100C
TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v1.0, where Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. Bluetooth is only used during initialization. An attacker within the Bluetooth rang...
EUVD-2026-32969
TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v1.0, where Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. Bluetooth is only used during initialization. An attacker within the Bluetooth rang...
PT-2026-44456
Name of the Vulnerable Software and Affected Versions Tapo L535E versions 1.0 and 3.0 Tapo P300 version 1.0 Tapo D100C version 1.0 Description Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. An attacker within Bluetooth range could use sniffi...
Nginx-UI: Unauthenticated first-boot instance claim via POST /api/install allows remote bootstrap takeover
Summary An unauthenticated bootstrap takeover exists in nginx-ui during the initial installation window exposed by POST /api/install. When the instance is still uninitialized, POST /api/install is reachable without authentication and accepts attacker-controlled bootstrap data. The handler sets th...
Missing Authentication for Critical Function
Overview github.com/0xJacky/Nginx-UI/api/system is a yet another Nginx Web UI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the api/install endpoint during the initial setup process. An attacker can gain unauthorized administrative access by...
[SECURITY] Fedora 44 Update: plasma-setup-6.6.4-4.fc44
Initial setup for systems using KDE Plasma...
EUVD-2025-209448
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...
CVE-2025-69893
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...
CVE-2025-69893
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...
CVE-2025-69893
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...
PT-2026-32627
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...
Trezor多款产品 安全漏洞
Trezor One, among others, is a product of the Czech Republic-based Trezor company. Trezor One is a digital currency wallet device. Trezor T is a hardware cryptocurrency wallet device. Trezor Safe is also a hardware cryptocurrency wallet device. Several Trezor products have security vulnerabilitie...