322 matches found
CVE-2026-9106 UI misrepresentation vulnerability in GitHub Enterprise Server allowed unauthorized organization runner management via undisclosed OAuth scope on consent screen
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the managerunners:org scope and directing ...
CVE-2026-9106
The CVE-2026-9106 issue concerns GitHub Enterprise Server where a UI misrepresentation allowed an OAuth app to gain unauthorized access to an organization’s runner management. A victim could be tricked into authorizing an app requesting the manage_runners:org scope because the scope was not shown...
Astra Linux – Vulnerability in Shadow
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly for example, adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file...
Siemens RUGGEDCOM RST2428P User Interface (UI) Misrepresentation of Critical Information (CVE-2025-46394)
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
CVE-2026-45650
User interface ui misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-45650
CVE-2026-45650 describes a UI misrepresentation vulnerability in Microsoft Bing Search that could enable an attacker to spoof information over a network. The exact root cause and affected UI components are not detailed in the provided documents. CVSSv3.1 base score is 4.3 (Medium): Network attack...
Microsoft Bing Search Spoofing Vulnerability
User interface ui misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network...
PT-2026-48013
Name of the Vulnerable Software and Affected Versions Microsoft Bing Search Android versions prior to 33.3 Description A user interface UI misrepresentation of critical information allows an unauthorized attacker to perform spoofing over a network. By using a crafted URL, an attacker can manipula...
User Interface (UI) Misrepresentation of Critical Information
Overview symfony/html-sanitizer is a Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM. Affected versions of this package are vulnerable to User Interface UI Misrepresentation of Critical Information via UrlSanitizer::parse in the...
AI Agents May Always Fall for Prompt Injections
Prompt injection is the most critical vulnerability in deployed AI agents. Despite recent progress, we show that the prevailing defense paradigm data-instruction separation both fails to detect attacks that operate through contextual manipulation and degrades contextually appropriate behavior. We...
CVE-2026-42891
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-35429
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29715
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29673
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29633
User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-35429
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-40416
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42891
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
PT-2026-40260
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...