Lucene search
+L

609 matches found

Github Security Blog
Github Security Blog
added 2026/06/23 11:12 p.m.13 views

Snipe-IT API Vulnerable to Cross-Tenant Accessory Injection

Impact A cross-tenant data injection vulnerability was identified in the Snipe-IT Accessories API when Full Multiple Companies Support FMCS is enabled. A low-privileged authenticated user belonging to one company can create an accessory record under another company by supplying a foreign companyi...

8.5CVSS5.8AI score0.00389EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/23 9:24 p.m.4 views

GHSA-5HH8-Q8HV-FR38 jackson-databind has @JsonView bypass for setterless creator properties

Summary In BeanDeserializer.deserializeUsingPropertyBased, the active-view @JsonView filter was applied only to creator properties; the regular property-buffering branch performed no prop.visibleInViewactiveView check. A change making SetterlessProperty.isMerging return true routed setterless...

5.3CVSS5.8AI score0.00237EPSS
Exploits0References6
OSV
OSV
added 2026/06/23 9:24 p.m.4 views

GHSA-9FXM-VC8V-HJ55 jackson-databind's renamed @JsonIgnore'd setters can deserialize via private fields

Summary POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed rather than dropped. With MapperFeature.INFERPROPERTYMUTATORS enabled default, the private backing field is retained; during deserialization...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/23 9:24 p.m.9 views

jackson-databind's renamed @JsonIgnore'd setters can deserialize via private fields

Summary POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed rather than dropped. With MapperFeature.INFERPROPERTYMUTATORS enabled default, the private backing field is retained; during deserialization...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References6Affected Software2
Github Security Blog
Github Security Blog
added 2026/06/23 9:23 p.m.11 views

jackson-databind has case-insensitive deserialization bypasses per-property @JsonIgnoreProperties

Summary In BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a contextual deserializer whose BeanPropertyMap has the ignored properties removed. The subsequent per-property case-insensitivity block triggered by...

5.3CVSS5.8AI score0.00345EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2026/06/23 9:23 p.m.6 views

GHSA-5JMJ-H7XM-6Q6V jackson-databind has case-insensitive deserialization bypasses per-property @JsonIgnoreProperties

Summary In BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a contextual deserializer whose BeanPropertyMap has the ignored properties removed. The subsequent per-property case-insensitivity block triggered by...

5.3CVSS5.8AI score0.00345EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/23 9:23 p.m.4 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object...

6.9CVSS6AI score0.00345EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/23 9:23 p.m.5 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the BeanDeserializerBase.createContextual method, which applies the per-property exclusions through handleByNameInclusion and then rebuilds the property m...

6.9CVSS5.8AI score0.00345EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.11 views

PT-2026-51636

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.2 Description A cross-tenant data injection issue exists in the Accessories API when Full Multiple Companies Support is enabled. A low-privileged authenticated user can create accessory records belonging to a...

8.5CVSS6.1AI score0.00389EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2026/06/22 11:20 p.m.11 views

Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override

Summary The webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution parameters. A mass assignment vulnerability in externalTrigger allows an attacker to overwrite the internal appId property by including it in the webhook POST...

9.6CVSS6.6AI score0.00461EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/22 11:43 a.m.36 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS0.00362EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2026/06/22 11:43 a.m.8 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS6AI score0.00362EPSS
Exploits0References16
CVE
CVE
added 2026/06/22 11:43 a.m.30 views

CVE-2026-56422

CVE-2026-56422 affects MISP core controllers and models where client-controlled fields (ids and ownership/scope keys such as event_id, org_id, user_id, sharing_group_id, galaxy_cluster_uuid, organisation_uuid, etc.) were not consistently stripped or revalidated, enabling an authenticated user to ...

9.4CVSS6AI score0.00362EPSS
Exploits0References16
OSV
OSV
added 2026/06/22 11:43 a.m.3 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS6.1AI score0.00362EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.13 views

PT-2026-51460

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.9 Description Budibase contains a mass assignment issue in the externalTrigger function. The webhook trigger endpoint /api/webhooks/trigger/:instance/:id is publicly accessible and passes the full HTTP request...

9.6CVSS6AI score0.00461EPSS
Exploits1References6
NVD
NVD
added 2026/06/20 4:17 p.m.16 views

CVE-2026-56276

Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password has...

6CVSS0.00251EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/20 3:24 p.m.33 views

CVE-2026-56276 Flowise - Mass Assignment in PUT /api/v1/user Allows Password Hash Override

Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password has...

6CVSS0.00251EPSS
Exploits0References2
CVE
CVE
added 2026/06/20 3:24 p.m.28 views

CVE-2026-56276

Flowise (Flowise) before 3.1.2 has a mass-assignment vulnerability in PUT /api/v1/user that lets an authenticated user modify the credential field without validation. The attacker can bypass password-change verification and session invalidation by supplying a crafted password hash, enabling persi...

6CVSS5.9AI score0.00251EPSS
Exploits0References2
OSV
OSV
added 2026/06/20 3:24 p.m.5 views

CVE-2026-56276 Flowise - Mass Assignment in PUT /api/v1/user Allows Password Hash Override

Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password has...

6CVSS6AI score0.00251EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/20 3:24 p.m.15 views

EUVD-2026-38119

Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password has...

6CVSS5.9AI score0.00251EPSS
Exploits0References2
Rows per page
Query Builder