Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 5 hours ago4 views

CVE-2026-13007 Insecure Public Caching on REST API Endpoints in Tenable Identity Exposure

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/ that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are...

8.7CVSS
Exploits0References1
CVE
CVEadded 5 hours ago6 views

CVE-2026-13007

Tenable Identity Exposure exposes multiple unauthenticated API endpoints under /w/api/* that return sensitive configuration data (cleartext LDAP credentials, SAML config, user accounts, directory settings). Responses are served with Cache-Control: public and without Vary: Cookie, enabling reverse...

8.7CVSS5.9AI score
Exploits0References1
EUVD
EUVDadded 5 hours ago3 views

EUVD-2026-38487

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/ that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are...

8.7CVSS5.9AI score
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2021-31657

Malicious code in bioql PyPI...

5.3CVSS5AI score0.00613EPSS
Exploits0References5
OSV
OSVadded 2022/12/26 5:15 a.m.2 views

UBUNTU-CVE-2021-44854

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis...

5.3CVSS6AI score0.00613EPSS
Exploits0References4
Snyk
Snykadded 2022/05/24 5:21 p.m.2 views

Information Exposure

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Information Exposure via the imgauth.php process. ...

6.9CVSS6.8AI score0.01302EPSS
Exploits0References2
Veracode
Veracodeadded 2021/12/31 11:25 p.m.25 views

Information Disclosure

mediawiki is vulnerable to information disclosure. The vulnerability exists due to the REST API incorrectly publicly caches autocomplete search results from private wikis...

5.3CVSS2AI score0.00613EPSS
Exploits0References3Affected Software2
OSV
OSVadded 2019/07/10 4:15 p.m.2 views

UBUNTU-CVE-2019-12474

Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

7.5CVSS7.2AI score0.02043EPSS
Exploits0References4
OSV
OSVadded 2011/04/27 12:55 a.m.1 views

DEBIAN-CVE-2010-2787

api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by a victim...

4.3CVSS6.7AI score0.01645EPSS
Exploits0References1
Rows per page
Query Builder