Lucene search
K

254 matches found

OSV
OSV
added 2026/06/01 12:0 p.m.17 views

RUSTSEC-2026-0157 Several memory corruption issues via safe APIs

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.10 views

PT-2026-48694

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

5.5AI score
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/05/29 3:27 p.m.13 views

Security update for openexr

This update for openexr fixes the following issue CVE-2026-41142: integer overflow in ImageChannel: resize can lead to a heap out-of-bounds write via OpenEXRUtil public API bsc1264356. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

9.2CVSS5.8AI score0.00355EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.17 views

CVE-2026-46424

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/28 6:22 p.m.11 views

CVE-2026-45332 Automad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint

Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...

7.5CVSS5.8AI score0.00298EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/28 6:22 p.m.33 views

CVE-2026-45332 Automad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint

Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...

7.5CVSS0.00298EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.15 views

Automad 访问控制错误漏洞

Automad is a flat-file content management system and template engine developed by Marc Anton Dahmen. Versions of Automad from 2.0.0-alpha.1 to 2.0.0-beta.27 contain access control vulnerabilities. These vulnerabilities stem from ineffective access control mechanisms, allowing unauthorized attacke...

7.5CVSS5.8AI score0.00298EPSS
Exploits1References2
NVD
NVD
added 2026/05/27 6:16 p.m.19 views

CVE-2026-48150

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...

9CVSS0.00292EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.14 views

CVE-2026-46424

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS0.00163EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:5 p.m.10 views

CVE-2026-46424

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 5:5 p.m.8 views

CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS5.7AI score0.00163EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 4:58 p.m.44 views

CVE-2026-48150 Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...

9CVSS0.00292EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 4:58 p.m.9 views

CVE-2026-48150

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...

9CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 4:58 p.m.15 views

CVE-2026-48150 Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...

9CVSS5.8AI score0.00292EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/22 7:7 p.m.95 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi

CVE-2026-27886 Vulnerability Assessment Tool Safely detect wh...

9.2CVSS5.8AI score0.00612EPSS
Exploits3
OSV
OSV
added 2026/05/19 4:30 p.m.5 views

GHSA-6VP2-6R7M-2JVX Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Summary The public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user identity and permissions from this cache TTL: 3600 seconds...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References4
NVD
NVD
added 2026/05/15 7:17 p.m.28 views

CVE-2026-46364

phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...

9.8CVSS0.01709EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.19 views

phpMyFAQ SQL注入漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 contained an SQL injection vulnerability. This vulnerability stemmed from the BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods, which inserted...

9.8CVSS5.9AI score0.01709EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 5:7 p.m.11 views

EUVD-2026-30344

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an...

9.1CVSS5.9AI score0.00523EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/05/14 3:59 a.m.96 views

Exploit for Improper Access Control in Langfuse

CVE-2026-24055 — Unauthenticated Slack OAuth Install in Langfu...

6.3CVSS5.8AI score0.00397EPSS
Exploits2
Rows per page
Query Builder