Lucene search
K

4 matches found

CVE
CVE
added 2026/04/28 11:44 a.m.28 views

CVE-2026-5781

An authorization vulnerability in MphRx’s Minerva v3.6.0 affects the /minerva/moUser/update endpoint. An authenticated user with user-modification privileges can escalate to administrator by sending an HTTP request with a manipulated 'identifier' field. The CVSS metrics indicate high impact and p...

8.8CVSS5.3AI score0.00232EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 11:44 a.m.13 views

CVE-2026-5781

An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitati...

8.5CVSS5.3AI score0.00232EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.13 views

MphRx Minerva 访问控制错误漏洞

MphRx Minerva is a medical data integration and interoperability platform developed by MphRx Corporation. Version MphRx Minerva V3.6.0 contains a security vulnerability related to access control. This vulnerability stems from an insecure direct object reference in the /minerva/moUser/show endpoin...

8.5CVSS5.8AI score0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.16 views

PT-2026-35716

Name of the Vulnerable Software and Affected Versions Minerva version 3.6.0 Description An authorization issue in the '/minerva/moUser/update' endpoint allows an authenticated user with user modification privileges to escalate their privileges to administrator. This is achieved by sending an HTTP...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References5
Rows per page
Query Builder