Lucene search
K

5 matches found

OSV
OSV
added 4 days ago3 views

CVE-2026-55475 Snipe-IT: Import created_by can be overwritten

Snipe-IT is an IT asset/license management system. Prior to 8.6.1, the Importer API endpoint allows a user with CSV import capabilities and a valid API key to overwrite the createdby value of an import file, allowing unauthorized modification of import ownership metadata. This issue is fixed in...

5.7CVSS6.1AI score0.00195EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/23 7:12 p.m.35 views

CVE-2026-41267 Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment JSON injection vulnerability in the account registration endpoint of Flowise Cloud allows unauthenticated attackers to inject server-managed fields and nested objec...

8.1CVSS0.00334EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/23 7:12 p.m.6 views

EUVD-2026-25284

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment JSON injection vulnerability in the account registration endpoint of Flowise Cloud allows unauthenticated attackers to inject server-managed fields and nested objec...

8.1CVSS7.2AI score0.00334EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.13 views

PT-2026-34732

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment JSON injection vulnerability in the account registration endpoint of Flowise Cloud allows unauthenticated attackers to inject server-managed fields and nested objec...

8.1CVSS7.2AI score0.00334EPSS
Exploits1References2
CNVD
CNVD
added 2018/03/27 12:0 a.m.6 views

Jenkins Job and Node Ownership Plugin Design Vulnerability

Jenkins is an open source software project , is based on Java development of a continuous integration tool . A security vulnerability exists in the OwnershipDescription.java, JobOwnerJobProperty.java, and OwnerNodeProperty.java files in the Jenkins Job and Node Ownership Plugin 0.11.0 and earlier...

6.5CVSS6.7AI score0.007EPSS
Exploits0References1
Rows per page
Query Builder