CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

343 matches found

CVE-2026-41498

Kimai is an open-source time tracking application. Prior to version 2.54.0, the Team API endpoints use IsGranted'editteam' instead of IsGranted'edit', 'team', causing Symfony TeamVoter to abstain from voting. This removes entity-level ownership checks on team operations, allowing any user with th...

3.3CVSS5.4AI score0.00012EPSS

Exploits1References1

RedhatCVE•added yesterday•3 views

CVE-2026-4432

The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ownership in the savetitle AJAX handler before allowing wishlist renaming operations. The function only checks for a valid nonce, which is publicly exposed in the page source of the /wishlist/ page,...

6.5CVSS5.5AI score0.00068EPSS

Exploits0References1

RedhatCVE•added yesterday•2 views

CVE-2026-10855

An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already existed but did not verify that the importing user belonged to the organization that owned the...

5.1CVSS5.5AI score0.00036EPSS

Exploits0References1

RedhatCVE•added yesterday•2 views

CVE-2026-42277

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/fileid endpoint allows any authenticated user to download any other user's uploaded files by providing the file UUID. The endpoint verifies the caller is authenticated but never checks that the file...

6.5CVSS5.3AI score0.00033EPSS

Exploits0References1

RedhatCVE•added yesterday•3 views

CVE-2026-29204

Insufficient ownership check in clientarea.php allows an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's account...

9.1CVSS5.5AI score0.00044EPSS

Exploits1References1

RedhatCVE•added yesterday•2 views

CVE-2026-45342

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains an Insecure Direct Object Reference vulnerability in the authorization policy layer that allows any authenticated user to modify resources owned by other users. The affected resource types are links, lists...

7.1CVSS5.4AI score0.00043EPSS

Exploits0References1

Cvelist•added yesterday•16 views

CVE-2026-45743 Termix has a File-Manager Session Hijack via Missing Ownership Check (IDOR)

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by sessionId. An authenticated attacker who knows or...

8.1CVSS

Exploits0References2

CVE•added yesterday•9 views

CVE-2026-45743

Termix before 2.3.2 has an IDOR flaw in 16 file-manager endpoints where the server fails to verify that the requester owns the SSH session identified by sessionId. An authenticated user who can guess another user’s active sessionId can read, write, delete, download, and execute files on the victi...

8.1CVSS5.6AI score

Exploits0References2

Github Security Blog•added yesterday•5 views

NocoDB: Missing Ownership Check in MCP Attachment Read

Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. Details The MCP readAttachment tool accepts...

5.5AI score

Exploits0References3Affected Software1

OSV•added yesterday•2 views

GHSA-XXPJ-Q764-9R6Q NocoDB: Missing Ownership Check in MCP Attachment Read

2.3CVSS5.5AI score

Exploits0References3

Cvelist•added 2 days ago•30 views

CVE-2026-10855 MISP Event template importer authorization bypass

5.1CVSS0.00036EPSS

Exploits0References1

CVE•added 2 days ago•8 views

CVE-2026-10855

CVE-2026-10855 concerns an authorization flaw in the MISP Event Template Importer overwrite workflow. During overwrite, the system checked for a matching template but did not verify that the importing user belonged to the organization that owned the template. This could allow an authenticated use...

5.1CVSS5.8AI score0.00036EPSS

Exploits0References1

Positive Technologies•added 2 days ago•8 views

PT-2026-46225

5.1CVSS5.8AI score0.00036EPSS

Exploits0References2

Positive Technologies•added 2 days ago•5 views

PT-2026-46892

Summary The Shopware Store API endpoint /store-api/handle-payment contains an object-level authorization flaw that allows a low-privileged external user with a normal customer or guest context to trigger the payment flow for another user’s order by supplying a foreign orderId. The affected...

4.3CVSS5.7AI score

Exploits0References5

ATTACKERKB•added 5 days ago•6 views

CVE-2026-45283

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...

6.3CVSS5.7AI score0.00024EPSS

Exploits0References4Affected Software1