CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 3 days ago•4 views

CVE-2026-31942 LibreChat has IDOR in API Keys Management that allows any authenticated user to overwrite other users' API keys

7.1CVSS5.7AI score0.00036EPSS

ATTACKERKB•added 3 days ago•7 views

CVE-2026-31942

7.1CVSS5.7AI score0.00036EPSS

Cvelist•added 3 days ago•30 views

CVE-2026-31942 LibreChat has IDOR in API Keys Management that allows any authenticated user to overwrite other users' API keys

7.1CVSS0.00036EPSS

NVD•added 4 days ago•8 views

CVE-2026-24761

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belonging to other users due to insufficient authorization checks on resource...

4.3CVSS0.00029EPSS

NVD•added 4 days ago•8 views

CVE-2026-24756

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...

4.3CVSS0.00028EPSS

EUVD•added 4 days ago•6 views

EUVD-2026-33840

3.7CVSS5.8AI score0.00029EPSS

CVE•added 4 days ago•9 views

CVE-2026-24761

The CVE-2026-24761 entry concerns Kiteworks Secure Data Forms prior to version 9.3.0, where an Insecure Direct Object Reference (IDOR) allows an authenticated user to access metadata of resources belonging to other users due to insufficient ownership checks. Affected product is Kiteworks Secure D...

4.3CVSS5.8AI score0.00029EPSS

Cvelist•added 4 days ago•24 views

CVE-2026-24761 Kiteworks Secure Data Forms is vulnerable to Authorization Bypass Through User-Controlled Key

3.7CVSS0.00029EPSS

CVE•added 4 days ago•10 views

CVE-2026-24756

Kiteworks CVE-2026-24756 affects the Kiteworks Secure Data Forms component. Before version 9.3.0, an Insecure Direct Object Reference (IDOR) allows an authenticated user to modify resources owned by other users due to insufficient authorization checks on ownership. A patch is available in version...

4.3CVSS5.8AI score0.00028EPSS

ATTACKERKB•added 4 days ago•5 views

CVE-2026-24756

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...

4.3CVSS5.8AI score0.00028EPSS

EUVD•added 4 days ago•8 views

EUVD-2026-33839

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...

4.3CVSS5.8AI score0.00028EPSS

Cvelist•added 4 days ago•26 views

CVE-2026-24756 Kiteworks Secure Data Forms is vulnerable to Authorization Bypass Through User-Controlled Key

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...

4.3CVSS0.00028EPSS

EUVD•added 4 days ago•7 views

EUVD-2026-33838

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

5.4CVSS5.8AI score0.00022EPSS

CVE•added 4 days ago•10 views

CVE-2026-24755

Kiteworks Secure Data Forms (prior to v9.3.0) contains an Insecure Direct Object Reference (IDOR) vulnerability that allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource ownership. A patch is available in Kit...

5.4CVSS5.8AI score0.00022EPSS

Cvelist•added 4 days ago•24 views

CVE-2026-24755 Kiteworks Secure Data Forms is vulnerable to Authorization Bypass Through User-Controlled Key

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

5.4CVSS0.00022EPSS

ATTACKERKB•added 4 days ago•8 views

CVE-2026-24755

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

5.4CVSS5.8AI score0.00022EPSS

CVE•added 4 days ago•10 views

CVE-2026-24753

Kiteworks (PDN) prior to 9.3.0 is affected by an Insecure Direct Object Reference (IDOR) in Secure Data Forms. An authenticated user can modify resources belonging to other users due to insufficient authorization checks on resource ownership. A patch is available in version 9.3.0 and later; upgra...

6.5CVSS5.8AI score0.00028EPSS

NVD•added 4 days ago•6 views

CVE-2026-23638

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated attacker to tamper with the internal approval flow configurations of forms belonging to other users due to insufficient...

6.5CVSS0.00028EPSS

ATTACKERKB•added 4 days ago•8 views

CVE-2026-23638

6.5CVSS5.8AI score0.00028EPSS