Positive Technologies, added 2026/05/21 12:00 a.m.

PT-2026-42564

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions prior to 9.5.0. Description: The user-profile edit controller passes the entire raw POST array to the UserInfo::update function without field whitelisting. This allows registered users to change passwords without providing...

CVSS 5.3 | AI score 5.8 | EPSS 0.00182
Exploits: 0 | References: 4

Github Security Blog, added 2026/05/20 3:44 p.m.

Flowise: Mass Assignment in PUT /api/v1/user Allows Authenticated Users to Override Password Hash and Bypass Password Change Verification

Summary A Mass Assignment vulnerability in the PUT /api/v1/user endpoint allows authenticated users to directly modify restricted user fields, including the credential password hash, bypassing the intended password change workflow. Because the endpoint forwards the entire request body to the...

AI score 5.8
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies, added 2026/04/23 12:00 a.m.

PT-2026-34822

Name of the Vulnerable Software and Affected Versions: Actual versions prior to 26.4.0. Description: Authenticated users, including those with the BASIC role, can escalate their privileges to ADMIN on servers that migrated from password authentication to OpenID Connect. This is possible through an...

CVSS 8.8 | AI score 5.4 | EPSS 0.00472
Exploits: 1 | References: 9

EUVD, added 2026/04/01 6:36 p.m.

EUVD-2026-17947

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

CVSS 9.8 | AI score 6 | EPSS 0.00991
Exploits: 0 | References: 2

NVD, added 2026/03/20 10:16 a.m.

CVE-2026-33124

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/username/password endpoint. Changing a password does not...

CVSS 8.8 | EPSS 0.00247
Exploits: 0 | References: 2

Positive Technologies, added 2026/03/20 12:00 a.m.

PT-2026-26598

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/username/password endpoint. Changing a password does not...

CVSS 8.6 | AI score 5.8 | EPSS 0.00247
Exploits: 0 | References: 5

FreeBSD, added 2026/03/18 12:00 a.m.

Roundcube -- Multiple vulnerabilities

The Roundcube project reports: pre-auth arbitrary file write via unsafe deserialization in the redis/memcache session handler; password could get changed without providing the old password; IMAP injection + CSRF bypass in mail search; remote image blocking bypass via various SVG animate attributes; remot...

AI score 5.9
Exploits: 0 | References: 1

Vulnrichment, added 2026/03/16 2:54 p.m.

CVE-2026-22545 Password Change Bypass via Auth Switch Endpoint

Mattermost versions 10.11.x <= 10.11.10 fail to validate the user's authentication method when processing an account auth type switch, which allows an authenticated attacker to change the account password without confirmation by falsely claiming a different auth provider. Mattermost Advisory ID:...

CVSS 3.1 | AI score 5.8 | EPSS 0.00148
Exploits: 0 | References: 1

RedhatCVE, added 2026/02/22 1:27 a.m.

CVE-2019-25436

Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...

CVSS 6.5 | AI score 5.7 | EPSS 0.00249
Exploits: 1 | References: 1

CVE, added 2026/02/20 10:54 p.m.

CVE-2019-25436

CVE-2019-25436 affects Sricam DeviceViewer 3.12.0.1. The vulnerability is a password change security bypass where authenticated users can change passwords without validating the old password; attackers can inject a large payload into the old password parameter during the change password process t...

CVSS 6.5 | AI score 5.7 | EPSS 0.00249
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist, added 2026/02/20 10:54 p.m.

CVE-2019-25436 Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass

Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to...

CVSS 6.5 | EPSS 0.00249
Exploits: 1 | References: 3

CNNVD, added 2026/02/20 12:00 a.m.

Sricam DeviceViewer Security Vulnerability

Sricam DeviceViewer is a monitoring video management software developed by Sricam Corporation in China. Version 3.12.0.1 of Sricam DeviceViewer contains a security vulnerability. This vulnerability stems from improper validation of the old password field, which may allow authenticated users to...

CVSS 6.5 | AI score 5.8 | EPSS 0.00249
Exploits: 1 | References: 3

OSV, added 2025/11/14 8:57 p.m.

GHSA-FJH6-8679-9PCH Flowise does not Prevent Bypass of Password Confirmation - Unverified Password Change

Summary: Bypass of Password Confirmation - Unverified Password Change (authenticated change without current password). An authenticated user is allowed to change their account password without supplying the current password or any additional verification. The application does not verify the actor's...

CVSS 8.3 | AI score 6.6
Exploits: 0 | References: 4

EUVD, added 2025/10/03 8:07 p.m.

EUVD-2022-2507

Malicious code in bioql PyPI...

CVSS 4 | AI score 6.3 | EPSS 0.01712
Exploits: 0 | References: 11

RedhatCVE, added 2025/04/17 3:11 a.m.

CVE-2025-24949

In JotUrl 2.0, it is possible to bypass security requirements during the password change process...

CVSS 6.5 | AI score 7.2 | EPSS 0.0028
Exploits: 0 | References: 1

CNNVD, added 2024/12/12 12:00 a.m.

Image Access Scan2Net Security Vulnerability

Image Access Scan2Net is a scanning software from Image Access Germany. A security vulnerability exists in Image Access Scan2Net versions 7.40 and earlier, 7.42 and earlier, and 7.42B and earlier, which stems from a password change feature that does not require a current or old password, which...

CVSS 8.4 | AI score 6.8 | EPSS 0.00262
Exploits: 0 | References: 2

PyPA, added 2024/06/06 7:15 p.m.

PYSEC-2024-193

An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized...

CVSS 3.3 | AI score 7.1 | EPSS 0.00241
Exploits: 1 | References: 6 | Affected Software: 1

CNNVD, added 2024/02/20 12:00 a.m.

Apache DolphinScheduler Security Vulnerability

Apache DolphinScheduler is a modern data scheduling platform from the Apache Foundation in the United States. The Apache DolphinScheduler security bypass vulnerability stems from a session not being logged off after a password change; an attacker can exploit it to bypass access restrictions by sending...

CVSS 6.5 | AI score 6.9 | EPSS 0.01306
Exploits: 0 | References: 6

Vulnrichment, added 2023/07/11 2:48 a.m.

CVE-2023-36917 Password Change rate limit bypass in SAP BusinessObjects Business Intelligence Platform

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthorized attacker who has hijacked a user session to bypass the victim's old password via brute force, due to an unrestricted rate limit for the password change functionality. Although the attack has no impa...

CVSS 5.9 | AI score 7 | EPSS 0.0049
Exploits: 0 | References: 2

CNNVD, added 2022/08/03 12:00 a.m.

Fortinet FortiADC Authorization Issue Vulnerability

Fortinet FortiADC is an application delivery controller from Fortinet, Inc. A security vulnerability exists in Fortinet FortiADC versions 6.2.0 through 6.2.3, 6.1.x, 6.0.x, and 5.xx. An attacker could use this vulnerability to bypass the old password in the password change form via a specially...

CVSS 5.4 | AI score 5.2 | EPSS 0.00408
Exploits: 0 | References: 2