Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

RedhatCVE
RedhatCVEadded 2026/02/19 7:28 a.m.2 views

CVE-2026-1860

The Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.8. This is due to the getitemspermissionscheck permission callback on the /kaliforms/v1/forms/id REST API endpoint only checking for the editposts capability without...

4.3CVSS5.6AI score0.00011EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2026/01/17 12:51 a.m.3 views

SUSE CVE-2017-18894

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes. resource-owner authorization is bypassed, allowing account takeover...

8.1CVSS7AI score0.00209EPSS
Exploits0References2
OSV
OSVadded 2023/02/09 7:15 p.m.2 views

CVE-2023-21432

Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner...

7.8CVSS7.1AI score
Exploits0References1
CNVD
CNVDadded 2020/06/22 12:0 a.m.2 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-52020)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 4.2.0, 4.1.1 and 4.0.5. An attacker can exploit the vulnerability to bypass resource owner authorization and take over an accou...

8.1CVSS6.8AI score0.00209EPSS
Exploits0References1
Rows per page
Query Builder