676 matches found
OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete
OpenAPI Generator versions 7.5.0 and below are prone to an Arbitrary File Read/Delete vulnerability. Attackers can exploit this vulnerability to read and delete files and folders from an arbitrary, writable directory. id: CVE-2024-35219 info: name: OpenAPI Generator = 7.5.0 - Arbitrary File...
CVE-2026-54607
FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns...
CVE-2026-54607
FastGPT exposed an SSRF issue in the HTTP-tool OpenAPI schema importer prior to 4.15.0-beta4. The importer validates only the top-level URL before handing refs to SwaggerParser.bundle, whose resolver can fetch and inline $ref URLs bypassing FastGPT’s internal-address guard, enabling an authentica...
CVE-2026-54607 FastGPT: SSRF in HTTP-tool OpenAPI schema importer via SwaggerParser $ref (bypasses the isInternalAddress guard)
FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns...
CVE-2026-54607
FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns...
CVE-2026-54607 FastGPT: SSRF in HTTP-tool OpenAPI schema importer via SwaggerParser $ref (bypasses the isInternalAddress guard)
FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns...
PT-2026-56261
Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.15.0-beta4 Description The HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle. The remote reference resolver within this bundle fetches $ref URLs without...
OPENSUSE-SU-2026:11192-1 python313-openapi-spec-validator-0.9.0-1.1 on GA media
These are all security issues fixed in the python313-openapi-spec-validator-0.9.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-58377
JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, update, and delete operations on OpenAPI credentials by accessing the OpenApiAuthController and OpenApiPermissionController endpoints which lack Shiro...
CVE-2026-49451 Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing
The OpenAPI.NET SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. From 2.0.0-preview11 until 2.7.5 and 3.5.4, a small OpenAPI document containing a circular schema reference can cause proce...
CVE-2026-49451
The issue affects the OpenAPI.NET SDK used for OpenAPI document parsing in .NET. A circular schema reference in a small OpenAPI document can cause process termination via stack overflow when using public OpenAPI.NET reader APIs, applicable to both JSON and YAML paths. Affected versions range from...
EUVD-2026-40364
JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, update, and delete operations on OpenAPI credentials by accessing the OpenApiAuthController and OpenApiPermissionController endpoints which lack Shiro...
CVE-2026-58377
JeecgBoot 3.9.2 is affected by a broken access control vulnerability that allows authenticated, low-privilege users to perform full CRUD on OpenAPI credentials via OpenApiAuthController and OpenApiPermissionController endpoints that lack Shiro authorization annotations. Attackers can list, add, e...
CVE-2026-58377
JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, update, and delete operations on OpenAPI credentials by accessing the OpenApiAuthController and OpenApiPermissionController endpoints which lack Shiro...
CVE-2026-58377 JeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret Keys
JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, update, and delete operations on OpenAPI credentials by accessing the OpenApiAuthController and OpenApiPermissionController endpoints which lack Shiro...
Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing
Impact A small OpenAPI document containing a circular schema reference can cause process termination through stack overflow in Microsoft.OpenApi. The issue affects OpenAPI document parsing through public OpenAPI.NET reader APIs and has been confirmed across both JSON and YAML reader paths. Affect...
GHSA-V5PM-XWQC-G5WC Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing
Impact A small OpenAPI document containing a circular schema reference can cause process termination through stack overflow in Microsoft.OpenApi. The issue affects OpenAPI document parsing through public OpenAPI.NET reader APIs and has been confirmed across both JSON and YAML reader paths. Affect...
PT-2026-53934
Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.3 Description Authenticated low-privilege users can perform full create, read, update, and delete operations on OpenAPI credentials. This occurs because the 'OpenApiAuthController' and...
PT-2026-53915
Name of the Vulnerable Software and Affected Versions OpenAPI.NET versions 2.0.0-preview11 through 2.7.4 OpenAPI.NET versions 3.0.0 through 3.5.3 Description An issue in the parsing of OpenAPI documents can lead to process termination due to a stack overflow when a document contains a circular...
PYSEC-2026-338 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
Technical Description The OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the buildurl method. When an OpenAPI...