Lucene search
+L

4920 matches found

NVD
NVD
added 7 hours ago4 views

CVE-2026-12393

The WPS Bookings for WooCommerce WordPress plugin before 3.11.7 does not verify that a booking order belongs to the requesting user before cancelling it, allowing any authenticated user, such as a Subscriber or Customer, to cancel and void other customers' booking orders...

5.4CVSS
Exploits0References1
Cvelist
Cvelist
added 8 hours ago11 views

CVE-2026-12393 WPS Bookings for WooCommerce < 3.11.7 - Subscriber+ Arbitrary Booking Order Cancellation via IDOR

The WPS Bookings for WooCommerce WordPress plugin before 3.11.7 does not verify that a booking order belongs to the requesting user before cancelling it, allowing any authenticated user, such as a Subscriber or Customer, to cancel and void other customers' booking orders...

Exploits0References1
ATTACKERKB
ATTACKERKB
added 8 hours ago2 views

CVE-2026-12393

The WPS Bookings for WooCommerce WordPress plugin before 3.11.7 does not verify that a booking order belongs to the requesting user before cancelling it, allowing any authenticated user, such as a Subscriber or Customer, to cancel and void other customers' booking orders...

5.3AI score
Exploits0References1
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-45148

The WPS Bookings for WooCommerce WordPress plugin before 3.11.7 does not verify that a booking order belongs to the requesting user before cancelling it, allowing any authenticated user, such as a Subscriber or Customer, to cancel and void other customers' booking orders...

5.4CVSS5.3AI score
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-12510

The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions...

5.9CVSS0.00132EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-44874

The AI Engine WordPress plugin before 3.5.5 does not verify that a user owns the chatbot conversation referenced by a client-supplied identifier, allowing users with subscriber-level access to read other users' private conversations and take over their conversation records when the discussions...

5.9CVSS6.1AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-52893

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan Accounts.onCreateUser hook in server/models/users.js merges OIDC logins into existing accounts when the OIDC email or username matches an existing Wekan user, without verifying ownership or checking emailverified. An attacker...

9.2CVSS0.00302EPSS
Exploits0References3
CVE
CVE
added 2 days ago13 views

CVE-2026-52893

Wekan before 9.32 is vulnerable through the Accounts.onCreateUser hook in server/models/users.js, which merges OIDC logins into existing accounts when the OIDC email or username matches an existing Wekan user without verifying ownership or email_verified. An attacker with an OIDC provider account...

9.2CVSS6.1AI score0.00302EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-59258 immich < 3.0.3 Shared Album Editor Ownership Takeover via updateUser

immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the album owner to editor and promote themselves to owne...

8.3CVSS0.00315EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-59258

immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the album owner to editor and promote themselves to owne...

8.3CVSS6.1AI score0.00315EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-44752

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS6.1AI score0.00355EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-58660 Kanboard BoardAjaxController Missing Ownership Check via Drag-and-Drop

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS0.00355EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-58660

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

8.1CVSS6.1AI score0.00355EPSS
Exploits0References5
OSV
OSV
added 2 days ago3 views

CVE-2026-58660 Kanboard BoardAjaxController Missing Ownership Check via Drag-and-Drop

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied projectid but never verifies that the supplied taskid actually belongs to that project. Because task identifiers a...

7.2CVSS6.1AI score0.00355EPSS
Exploits0References7
CVE
CVE
added 2 days ago4 views

CVE-2026-58660

Kanboard

8.1CVSS6.1AI score0.00355EPSS
Exploits0References4
NVD
NVD
added 2 days ago5 views

CVE-2026-14251

A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...

7.7CVSS0.00223EPSS
Exploits0References2
CVE
CVE
added 2 days ago12 views

CVE-2026-14251

The CVE-2026-14251 entry concerns the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects, enabling a namespace-scoped Argo CD instance to delete a ClusterRole owned by a cluster-scoped Argo CD instance via a crafted name...

7.7CVSS6AI score0.00223EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago39 views

CVE-2026-14251 Gitops-operator: gitops-operator: missing allowednamespace check in reconcilerhook for clusterrole/role cases enables potential privilege escalation and dos

A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...

7.7CVSS0.00223EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago12 views

CVE-2026-14251

A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...

7.7CVSS6AI score0.00223EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-60319

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 9.32 Description The Accounts.onCreateUser function in server/models/users.js merges OIDC logins into existing accounts when the OIDC email or username matches an existing user without verifying ownership or checking th...

9.2CVSS6.1AI score0.00302EPSS
Exploits0References5
Rows per page
Query Builder