Lucene search
K

30 matches found

Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-56336 Capgo - Information Disclosure via Unauthenticated SSO check-domain Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /private/sso/check-domain endpoint that returns internal orgid and providerid values. Attackers can enumerate email domains to build mappings of domains to organization UUIDs and SSO provider identifiers...

6.9CVSS0.00205EPSS
Exploits0References2
OSV
OSV
added last week2 views

CVE-2026-56284 Capgo - Unauthenticated Metrics Disclosure via get_total_metrics RPC

Capgo Cap-go/capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST RPC function public.gettotalmetricsorgid, which is callable by the anon role using only the public sbpublishable key. An unauthenticated attacker can probe organization existence and leak...

6.9CVSS6.1AI score0.00214EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 3:32 p.m.8 views

EUVD-2026-39651

Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/orgId endpoints...

7.7CVSS5.8AI score0.0022EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/26 12:20 p.m.36 views

CVE-2026-57920

Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/orgId endpoints...

7.7CVSS0.0022EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52575

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.5.0 Description Broken access control allows any authenticated user to access arbitrary organization billing data. By supplying an arbitrary organizationId to the PreviewInvoiceController endpoints, an...

5.3CVSS5.9AI score0.00248EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2026/06/24 11:53 a.m.6 views

CVE-2026-56270

Flowise before 3.1.0 versions 3.0.13 and earlier contains a missing authentication vulnerability in the /api/v1/loginmethod endpoint that allows unauthenticated users to retrieve an organization's complete SSO configuration, including OAuth client secrets in cleartext, by providing an...

8.7CVSS5.9AI score0.00383EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 12:12 p.m.35 views

CVE-2026-56222 Capgo - Cross-Organization App Takeover via Mismatched org_id and app_id in /private/role_bindings

Capgo before 12.128.2 contains an authorization bypass vulnerability in POST /private/rolebindings that fails to verify appid ownership during app-scoped role binding creation. An attacker with administrative privileges in one organization can create role bindings targeting applications owned by...

8.6CVSS0.00356EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.13 views

PT-2026-51633

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Gogs contains an information disclosure issue where the 'GET /api/v1/orgs/:orgname/teams' endpoint returns all teams for any organization without requiring authentication. This occurs because the route...

6.9CVSS5.9AI score0.01553EPSS
Exploits0References11
OSV
OSV
added 2026/06/22 11:43 a.m.3 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS6.1AI score0.00362EPSS
Exploits0References19
Cvelist
Cvelist
added 2026/06/22 11:43 a.m.35 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS0.00362EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.12 views

Flowise 授权问题漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise 3.0.12 and earlier contained an authorization vulnerability. This vulnerability stemmed from issues with the operations of the parameter userId/organizationId/workspaceId/emai...

5.3CVSS5.8AI score0.00293EPSS
Exploits1References1
OSV
OSV
added 2026/04/16 9:20 p.m.8 views

GHSA-6PCV-J4JX-M4VX Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request

Summary I have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users guests to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth...

5.3CVSS5.9AI score0.00383EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/16 9:20 p.m.12 views

Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request

Summary I have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users guests to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth...

8.7CVSS5.9AI score0.00383EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.25 views

PT-2026-51775

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description A missing authentication issue exists in the '/api/v1/loginmethod' endpoint. Unauthenticated users can retrieve an organization's complete Single Sign-On SSO configuration, including OAuth client...

8.7CVSS6.1AI score0.00383EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/04/15 6:57 p.m.17 views

CVE-2026-21727 Grafana Correlations: Cross-Tenant Data Disclosure and Permanent Deletion via Legacy org_id=0 Record

--- title: Cross-Tenant Legacy Correlation Disclosure and Deletion draft: false hero: image: /static/img/heros/hero-legal2.svg content: " Cross-Tenant Legacy Correlation Disclosure and Deletion" date: 2026-01-29 product: Grafana severity: Low cve: CVE-2026-21727 cvssscore: "3.3" cvssvector:...

3.3CVSS0.00204EPSS
Exploits0References1
OSV
OSV
added 2026/02/09 9:31 p.m.3 views

GHSA-HCVW-475W-8G7P Keycloak affected by improper invitation token validation

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token JWT payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an...

8.1CVSS5.9AI score0.00453EPSS
Exploits2References13
Snyk
Snyk
added 2026/02/09 6:21 p.m.3 views

Improper Verification of Cryptographic Signature

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the invitation tokens in the registration process. An...

8.6CVSS5.6AI score0.00453EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.11 views

PT-2026-7129

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak’s invitation token registration mechanism. The server does not verify the cryptographic signature of the JSON Web Token JWT. An attacker can modify the organization...

8.5CVSS5.5AI score0.00453EPSS
Exploits2References32
CNNVD
CNNVD
added 2025/12/07 12:0 a.m.4 views

Chanjet CRM SQL注入漏洞

Chanjet CRM is a customer relationship management system from China's Chanjet. A SQL injection vulnerability exists in Chanjet CRM 20251121 and earlier versions, which stems from incorrect manipulation of the parameter gblOrgID in the file /tools/jxfdumptabledemo.php, which could lead to SQL...

7.5CVSS7.7AI score0.00264EPSS
Exploits0References5
OSV
OSV
added 2025/11/28 12:0 a.m.6 views

CVE-2025-66385

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges e.g., obtain a higher role such as admin via the user-edit endpoint by supplying or modifying roleid or organisationid fields in the edit request...

9.4CVSS6.9AI score0.00368EPSS
Exploits0References5
Rows per page
Query Builder