PT-2026-33763

Name of the Vulnerable Software and Affected Versions Progress ADC Products affected versions not specified Description Two separate issues allow authenticated attackers to execute arbitrary commands on the LoadMaster appliance. The first involves OS command injection via the 'aclcontrol' command...

PT-2026-33713

A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api generate of the component Worker API Endpoint. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed publicly and may be...

CVE-2026-40480

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the GET /api/person/personId endpoint loads and returns person records without performing object-level authorization checks. Although the legacy PersonView.php page enforces canEditPerson restrictions, the API layer...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...

CVE-2026-40480 ChurchCRM has Missing Object-Level Authorization / IDOR in `/api/person/{personId}`

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the GET /api/person/personId endpoint loads and returns person records without performing object-level authorization checks. Although the legacy PersonView.php page enforces canEditPerson restrictions, the API layer...

Mattermost doesn't validate whether users were correctly owned by the correct Connected Workspace

Mattermost versions 10.11.x = 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of local users via the Connected Workspaces API...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in several API endpoints that lack proper authentication checks. An attacker can access sensitive data, perform state-changing operations, and obtain internal configuration details by sending...

Missing Authorization

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Missing Authorization in the /api/v1/public-chatbotConfig/:id endpoint in chatbotConfig. An attacker can access sensitive credentials, including API keys and authorization headers, by sending unauthenticate...

AndroScanner: Automated Backend Vulnerability Detection for Android Applications

Mobile applications rely on complex backends that introduce significant security risks, yet developers often lack the tools to assess these risks effectively. This paper presents AndroScanner, an automated pipeline for detecting vulnerabilities in Android application backends through combined...

CVE-2026-40291 Chamilo LMS has Privilege Escalation via API User Role Modification

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/id endpoint allows any authenticated user with ROLESTUDENT to escalate their privileges to ROLEADMIN by modifying the roles field o...

CVE-2026-6119

A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function postdata.get of the component API Endpoint. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The exploit is publicly available and might be used...

EUVD-2026-22529

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally...

EUVD-2026-21559

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own status field via the updateuserfromusername endpoint. A student status=5 can change their status to Teacher/CourseManager status=1, gaining course creation and management...

CVE-2026-33703

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the /social-network/personal-data/userId endpoint allows any authenticated user to access full personal data and API tokens of arbitrary users by modifying the userId...

EUVD-2026-21507

FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress only blocks private IPs when CHECKINTERNALIP=true, which is not the default. This allows...

BMC Control-M/MFT 安全漏洞

BMC Control-M/MFT is an enterprise-level file transfer and job scheduling integration management software developed by the American company BMC. Versions of BMC Control-M/MFT 9.0.22 and earlier contained security vulnerabilities. These vulnerabilities stemmed from API management endpoints that...

CVE-2026-23782

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. An API management endpoint allows unauthenticated users to obtain both an API identifier and its corresponding secret value. With these exposed secrets, an attacker could invoke privileged API operations, potentially leading to...

BMC Control-M/MFT 安全漏洞

BMC Control-M/MFT is an enterprise-level file transfer and job scheduling integration management software developed by the American company BMC. Versions of BMC Control-M/MFT 9.0.22 and earlier contained security vulnerabilities. These vulnerabilities were due to improper input validation in the...

WPProbe Plugin Enumeration Tool 0.11.6

A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...

Discourse Cross-Site Scripting Vulnerability

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a cross-site scripting vulnerability that stems from the API not cleaning up the description string when updating...