Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41325

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

8.8CVSS5.3AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 1:16 a.m.4 views

CVE-2026-41325

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

8.8CVSS0.00363EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:38 a.m.4 views

CVE-2026-41325

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

7.1CVSS5.6AI score0.00363EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.5 views

Scoold 安全漏洞

Scoold is a team-based Q&A and knowledge-sharing platform developed by Erudika. Versions of Scoold prior to 1.66.2 contained security vulnerabilities. These vulnerabilities were due to authorization flaws, which could allow low-privilege users to override the permissions of other users...

6.5CVSS5.8AI score0.00211EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.3 views

PT-2026-22674

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

6.1AI score0.00096EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/02 10:11 p.m.24 views

CVE-2024-49720

In multiple functions of Permissions.java, there is a possible way to override the state of the user's location permissions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

0.00093EPSS
Exploits0References2
Rows per page
Query Builder