Lucene search
K

310 matches found

NVD
NVD
added 3 days ago4 views

CVE-2026-55460

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated non-admin user with users.view and users.edit but without users.delete can directly POST to /users/bulksave with deleteuser=1 because BulkUsersController::destroy authorizes only update, allowing the user to...

7.1CVSS0.00285EPSS
Exploits1References3
CVE
CVE
added 3 days ago6 views

CVE-2026-55460

CVE-2026-55460 affects Snipe-IT (IT asset/license management system). Before version 8.6.2, an authenticated non-admin user who had rights users.view and users.edit but not users.delete could directly POST to /users/bulksave with delete_user=1 because BulkUsersController::destroy() authorized onl...

7.1CVSS6.1AI score0.00285EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-57264

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.2 Description An authenticated non-admin user possessing users.view and users.edit permissions, but lacking users.delete permissions, can perform a soft-delete of another non-admin user. This occurs because the...

7.1CVSS6.1AI score0.00285EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 4 days ago11 views

CVE-2026-59225

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The...

5.4CVSS6AI score0.00211EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/29 5:18 p.m.35 views

CVE-2026-57945 PhotoPrism - Unauthorized User Profile Modification via PUT /api/v1/users/{uid} Endpoint

PhotoPrism before 260601-a7d098548 contains a broken access control vulnerability that allows authenticated non-admin users to modify other users' profile information by sending requests to arbitrary user endpoints. Attackers can exploit the missing session-to-user identifier validation in the PU...

5.3CVSS0.0019EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:28 p.m.5 views

CVE-2026-31978

motionEye mEye is an online interface for motion software, which is a video surveillance program with motion detection. Versions prior to 0.44.0 are vulnerable to path traversal in the picture and movie API endpoints, suhc as /picture/id/preview/filename. Neither the API handlers, nor the...

6.5CVSS5.9AI score0.00418EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/06/22 9:42 p.m.4 views

Improper Authorization

Overview @actual-app/sync-server is an actual syncing server Affected versions of this package are vulnerable to Improper Authorization in the GET /secret/:name process. An attacker can determine the existence of admin-configured secrets by sending authenticated requests as a non-admin user and...

5.3CVSS5.8AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 9:9 p.m.4 views

CVE-2026-54017 Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the terminal-server reverse proxy in backend/openwebui/routers/terminals.py does not fully confine the user-controlled path segment before forwarding it to an admin-configured termin...

7.7CVSS6AI score0.00349EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50589

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description The terminal-server reverse proxy in backend/open webui/routers/terminals.py fails to properly confine the user-controlled path segment before forwarding it to an admin-configured terminal server...

7.7CVSS5.9AI score0.00349EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.14 views

CVE-2026-46481

OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TESTCONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST /api/v1/automations/workflows, both the cleartext database password in...

8.3CVSS5.4AI score0.00241EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 5:16 p.m.18 views

CVE-2026-48507

Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular users.edit permission to lock every admin out of the instance by editing the activated flag which determines whether or not a user can login and the...

7.1CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/08 4:51 p.m.9 views

CVE-2026-46481 OpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular users

OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TESTCONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST /api/v1/automations/workflows, both the cleartext database password in...

8.3CVSS5.4AI score0.00241EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:51 p.m.8 views

CVE-2026-46481

OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TESTCONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST /api/v1/automations/workflows, both the cleartext database password in...

8.3CVSS5.4AI score0.00241EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/08 4:51 p.m.42 views

CVE-2026-46481

OpenMetadata 1.12.1 is affected by a vulnerability in the TEST_CONNECTION workflow (POST /api/v1/automations/workflows) where a non-admin SSO user can trigger a TEST_CONNECTION and receive both the cleartext database password in the response and a valid ingestion-bot JWT in openMetadataServerConn...

8.3CVSS5.4AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-9522

Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 1:57 p.m.5 views

SUSE-SU-2026:22086-1 Security update for NetworkManager

This update for NetworkManager fixes the following issues: Security fixes: - CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: - Accept localhost hostnames if static bsc1257366...

3.3CVSS5.2AI score0.00162EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/04 7:28 p.m.19 views

Shopware: Privilege escalation: non-admin user with user:create ACL can create admin accounts

UserController::upsertUser writes user data in SYSTEMSCOPE and does not filter the admin field. A non-admin API user with user:create or user:update ACL permission can set admin: true on new or existing users, escalating to full admin access. The Problem In...

5.8AI score0.00034EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2026/06/04 12:16 p.m.15 views

CVE-2025-12694

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

8.5CVSS0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:4 p.m.10 views

CVE-2025-12694 Local Privilege Escalation in VPN Client

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

8.5CVSS5.8AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46225

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An authorization flaw exists in the Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application verifies if a matching template exists but fai...

5.1CVSS5.5AI score0.00154EPSS
Exploits0References5
Rows per page
Query Builder