Lucene search
+L

187 matches found

OSV
OSV
added 2026/05/06 8:54 p.m.6 views

GHSA-M24V-F7G5-GQ67 Statamic CMS vulnerable to email enumeration via forgot password endpoint

Impact Responses from the forgot password forms hinted at whether an account existed for a given email address. An unauthenticated attacker could use this to enumerate valid users, which can aid in follow-up credential-based attacks. Patches This has been fixed in 5.73.21 and 6.15.0. The forgot...

5.3CVSS5.8AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 11:41 a.m.19 views

EUVD-2026-26037

An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...

9.4CVSS5.3AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 2:13 a.m.38 views

CVE-2026-33318 Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

8.8CVSS0.00472EPSS
Exploits1References2
CVE
CVE
added 2026/04/24 2:13 a.m.9 views

CVE-2026-33318

CVE-2026-33318 affects Actual, a local-first personal finance tool. Prior to version 26.4.0, any authenticated session could escalate to ADMIN on OpenID-migrated servers due to a three‑part chain: 1) missing authorization on POST /account/change-password allows overwriting the password hash; 2) a...

8.8CVSS5.8AI score0.00472EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/24 2:13 a.m.9 views

EUVD-2026-25380

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

8.8CVSS5.5AI score0.00472EPSS
Exploits1References2
OSV
OSV
added 2026/04/24 2:13 a.m.3 views

CVE-2026-33318 Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

8.8CVSS6AI score0.00472EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.14 views

actual 访问控制错误漏洞

Actual is a personal finance tool developed by Actual OpenSource. Versions of Actual prior to 26.4.0 contained an access control vulnerability. This vulnerability stemmed from the lack of authorization checks for the /account/change-password endpoint. Combined with the password authentication row...

8.8CVSS5.8AI score0.00472EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/23 9:23 p.m.6 views

Missing Authorization

Overview @actual-app/sync-server is an actual syncing server Affected versions of this package are vulnerable to Missing Authorization via the change-password endpoint, which lacks proper authorization checks. An attacker can gain administrative privileges by overwriting the password hash for the...

8.8CVSS5.6AI score0.00472EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/23 9:23 p.m.10 views

Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Summary Any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowing any session to overwrite the password hash; the inactive...

8.8CVSS5.8AI score0.00472EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/23 8:16 p.m.6 views

CVE-2026-41276

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS0.0687EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/23 7:49 p.m.12 views

EUVD-2026-25295

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific...

7.7CVSS5.8AI score0.0687EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/23 7:49 p.m.4 views

CVE-2026-41276 Flowise: AccountService resetPassword Authentication Bypass Vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific...

7.7CVSS5.6AI score0.0687EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 7:49 p.m.4 views

CVE-2026-41276

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific...

7.7CVSS5.8AI score0.0687EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/04/23 7:49 p.m.153 views

CVE-2026-41276

Flowise (FlowiseAI Flowise) has a REST-authentication bypass vulnerability in the AccountService.resetPassword flow. Before version 3.1.0, an attacker who knows a user’s email can request a password reset with a null/empty token, bypass the need for a valid reset token, and set the user’s passwor...

9.8CVSS5.8AI score0.0687EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.8 views

PT-2026-34744

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description Remote attackers can bypass authentication in Flowise. The issue exists within the resetPassword function of the AccountService class, where the system fails to verify if a password reset token was...

9.8CVSS5.2AI score0.0687EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.14 views

FastGPT 安全漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.14.9.5 contained a security vulnerability. This vulnerability stemmed from the password-changing endpoint, which was vulnerable to NoSQL injection...

8.8CVSS5.8AI score0.0038EPSS
Exploits1References2
CNVD
CNVD
added 2026/04/16 12:0 a.m.5 views

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17696)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability stems from improper handling of the name parameter in the /usbpaswd.asp endpoint, which can be exploited by an attacker to cause a denial of service...

7.5CVSS5.7AI score0.00516EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/04/15 11:54 a.m.179 views

Exploit for Missing Authentication for Critical Function in Flowiseai Flowise

Flowise-CVE-2025-58434-PasswordReset Unauthenticated...

9.8CVSS5.8AI score0.50118EPSS
Exploits14
GithubExploit
GithubExploit
added 2026/04/12 4:52 p.m.277 views

Exploit for Missing Authentication for Critical Function in Flowiseai Flowise

CVE-2025-58434 — Flowise Account Takeover via Token Disclosure...

9.8CVSS6AI score0.50118EPSS
Exploits14
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.6 views

CVE-2025-50663

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usbpaswd.asp endpoint...

7.5CVSS6AI score0.00516EPSS
Exploits0References1
Rows per page
Query Builder