
2495 matches found

NVD
added 4 days ago, 7 views

CVE-2026-50283

Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13, contain an authorization issue in AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId...

CVSS 5.3, EPSS 0.00265
Exploits: 0, References: 2
NVD
added 4 days ago, 7 views

CVE-2026-50284

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, the AssetsController::actionDeleteFolder only requires the deleteAssets: permission for the target folder. It never enforces deletePeerAssets:, even though Assets::deleteFoldersByIds...

CVSS 7.1, EPSS 0.00249
Exploits: 0, References: 2
ATTACKERKB
added 4 days ago, 4 views

CVE-2026-50284

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, the AssetsController::actionDeleteFolder only requires the deleteAssets: permission for the target folder. It never enforces deletePeerAssets:, even though Assets::deleteFoldersByIds...

CVSS 7.1, AI score 5.8, EPSS 0.00249
Exploits: 0, References: 3, Affected Software: 1
ATTACKERKB
added 4 days ago, 4 views

CVE-2026-50283

Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13, contain an authorization issue in AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId...

CVSS 5.3, AI score 5.8, EPSS 0.00265
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 4 days ago, 38 views

CVE-2026-54262 Wagtail: Pages translations can be created without page permissions when using simple_translation

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, a low-level user with the "Can submit translation" permission can create translations for any page, including those they do not have permissions for. This issue has been fixed in...

CVSS 4.3, EPSS 0.00162
Exploits: 0, References: 1
RedHat Linux
added 4 days ago, 5 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 6.7, EPSS 0.00292
Exploits: 0, References: 8
NVD
added 5 days ago, 10 views

CVE-2026-14209

A vulnerability was discovered in Keycloak's Admin UI extension that allows certain administrative users to bypass security restrictions. When Fine-Grained Admin Permissions (FGAPv2) are enabled, an administrator who should only be able to search for users but not view their full details can use a...

CVSS 4.3, EPSS 0.00173
Exploits: 0, References: 2
Cvelist
added 6 days ago, 35 views

CVE-2026-57954 Elide 7.1.17 - Permission Bypass in Sort Expression Validation

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across...

CVSS 5.3, EPSS 0.00168
Exploits: 0, References: 2
CVE
added 6 days ago, 9 views

CVE-2026-57954

Vulnerability summary (CVE-2026-57954): Elide 7.1.17 has a flaw in SortingImpl.getValidSortingRules where @ReadPermission is not enforced on client-supplied sort expressions. This allows attackers to sort collections by forbidden fields and infer hidden field values via row ordering analysis, leak...

CVSS 5.3, AI score 5.8, EPSS 0.00168
Exploits: 0, References: 2
OSV
added 2026/06/25 6:43 p.m., 5 views

GO-2026-5392 BoxLite: Permission Bypass Allows Modification of Read-Only Files in github.com/boxlite-ai/boxlite/sdks/go

BoxLite: Permission Bypass Allows Modification of Read-Only Files in github.com/boxlite-ai/boxlite/sdks/go...

CVSS 10, AI score 5.8, EPSS 0.00289
Exploits: 0, References: 5
CVE
added 2026/06/25 3:52 p.m., 10 views

CVE-2026-54027

Vulnerability (CVE-2026-54027): LibreChat prior to 0.8.4-rc1 allows authenticated users to upload files via POST /api/files/images into any agent’s tool_resources (e.g., context, execute_code) without ownership/EDIT checks. A permission check was added to POST /api/files, but the image upload rou...

CVSS 6.5, AI score 6, EPSS 0.00189
Exploits: 1, References: 1, Affected Software: 1
CVE
added 2026/06/25 6:00 a.m., 16 views

CVE-2026-10824

The Masteriyo LMS WordPress plugin, version before 2.2.1, has missing authorization checks in the course-progress REST API controller. This allows unauthenticated users to read and permanently delete any user’s course-progress records. The vulnerability is caused by insufficient access control in...

CVSS 6.5, AI score 5.8, EPSS 0.00164
Exploits: 0, References: 1
Positive Technologies
added 2026/06/25 12:00 a.m., 10 views

PT-2026-52539

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.63.16. Description: A scoped, non-admin user with only Create permission can delete arbitrary files outside their assigned scope, including other tenants' data and the application database. This occurs during the...

CVSS 8.2, AI score 6, EPSS 0.00359
Exploits: 0, References: 3
RedhatCVE
added 2026/06/24 8:45 p.m., 7 views

CVE-2026-52944

A flaw was found in the Linux kernel's ksmbd component. This vulnerability allows a client to bypass intended permission restrictions by using the FSCTL_SET_SPARSE operation. Specifically, a client on a read-only share can modify a file's sparse attribute, and clients on writable shares can modify...

AI score 5.8, EPSS 0.00165
Exploits: 0, References: 4
ATTACKERKB
added 2026/06/24 8:19 p.m., 6 views

CVE-2026-52799

Gogs is an open source self-hosted Git service. Prior to 0.14.3, GET /attachments/:uuid returns the raw attachment file without verifying whether the requester has view permission for the associated Issue/Comment/Release or the repository. In a test environment with REQUIRE_SIGNIN_VIEW = false, we...

CVSS 7.5, AI score 5.9, EPSS 0.00422
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2026/06/24 12:00 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE. FSCTL_SET_SPARSE in fsctl_set_sparse modifies the file's sparse attribute and sav...

AI score 6, EPSS 0.00165
Exploits: 0, References: 3
Cvelist
added 2026/06/23 8:17 p.m., 28 views

CVE-2026-47381 NocoDB: Cross-Workspace Integration Use in Connection Test

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a user in one workspace could exercise another workspace's integration through the testConnection endpoint by supplying its ID, because the integration was fetched in a bypass scope and the caller's permission check...

CVSS 6.9, EPSS 0.00313
Exploits: 0, References: 1
CVE
added 2026/06/23 8:17 p.m., 18 views

CVE-2026-47381

CVE-2026-47381 affects NocoDB prior to 2026.05.1, where a user in one workspace could abuse the testConnection endpoint to access another workspace’s integration due to the integration being fetched in a bypass scope and permission checks being evaluated against any base in any workspace. The iss...

CVSS 6.9, AI score 5.9, EPSS 0.00313
Exploits: 0, References: 1
CVE
added 2026/06/23 7:05 p.m., 17 views

CVE-2026-54555

CVE-2026-54555 affects rtk prior to 0.42.2. The issue lies in the permission splitter, which failed to conservatively split or reject shell constructs Bash treats as command boundaries or nested execution. Consequently, a command starting with an allowed prefix (e.g., git) could conceal a second,...

CVSS 7.8, AI score 6.1, EPSS 0.00128
Exploits: 0, References: 1
Cvelist
added 2026/06/23 7:05 p.m., 35 views

CVE-2026-54555 rtk: Permission-gate bypass in rtk rewrite auto-allow via unsplit shell separators

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively split or reject several shell constructs that Bash treats as command execution boundaries or nested execution. As a result, a command beginning with an...

CVSS 7.8, EPSS 0.00128
Exploits: 0, References: 1