
15 matches found

EUVD
added 2026/06/12 8:22 p.m. | 7 views

EUVD-2026-36582

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any MessageBus...

CVSS 7.5 | AI score 5.3 | EPSS 0.00259
Exploits: 0 | References: 1
Packet Storm News
added 2025/12/29 12:0 a.m. | 3 views

Practical Quantum Teleportation with Finite-Energy Codebooks

Quantum communication exploits non-classical correlations to achieve efficient and unconditionally secure exchange of information. In particular, the quantum teleportation protocol allows for a deterministic and secure transfer of unknown quantum states by using pre-shared quantum entanglement an...

AI score 6.9
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-34671

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 4.8 | EPSS 0.00501
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-28135

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.6 | EPSS 0.00286
Exploits: 0 | References: 4
Positive Technologies
added 2025/07/07 12:0 a.m. | 11 views

PT-2025-31649

Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 1.3.9. Description: Cursor, an AI-powered code editor, had a flaw that allowed writing files in the workspace without user approval in versions prior to 1.3.9. If a sensitive MCP file, such as .cursor/mcp.json, did not...

CVSS 9.8 | AI score 8.2 | EPSS 0.01719
Exploits: 0 | References: 66
CNVD
added 2025/06/06 12:0 a.m. | 3 views

Mattermost Improper Access Control Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Improper Access Control vulnerability that stems from a failure to properly enforce access control, which can be exploited by an attacker to view metadata about members of a public...

CVSS 3.1 | AI score 6.9 | EPSS 0.00205
Exploits: 0 | References: 1
Veracode
added 2025/06/04 4:49 a.m. | 6 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to improper access control. The vulnerability is due to insufficient enforcement of access restrictions, which allows guest users to access metadata about members of public channels via the channel members API endpoint...

CVSS 3.1 | AI score 3.6 | EPSS 0.00205
Exploits: 0 | References: 3 | Affected Software: 1
Github Security Blog
added 2025/05/30 3:30 p.m. | 14 views

Mattermost fails to properly enforce access controls for guest users

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint...

CVSS 3.1 | AI score 6.8 | EPSS 0.00205
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2025/05/30 2:22 p.m. | 8 views

CVE-2025-1792 Improper Access Control in Mattermost Channel Member API

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint...

CVSS 3.1 | AI score 6.9 | EPSS 0.00205
Exploits: 0 | References: 1
CNNVD
added 2025/05/30 12:0 a.m. | 3 views

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Improper Access Control vulnerability that stems from a failure to properly enforce access control, which can be exploited by an attacker to view metadata about members of a public...

CVSS 3.1 | AI score 6.7 | EPSS 0.00205
Exploits: 0 | References: 3
CNNVD
added 2025/03/21 12:0 a.m. | 2 views

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from an unenforced channel switching restriction that allows a member with privileges to switch a public channel to a private channel or a priva...

CVSS 5.4 | AI score 5.3 | EPSS 0.00195
Exploits: 0 | References: 2
OSV
added 2024/05/26 2:15 p.m. | 3 views

CVE-2024-34152

Mattermost versions 9.5.x = 9.5.3, 9.6.x = 9.6.1 and 8.1.x = 8.1.12 fail to perform proper access control, which allows a guest to get the metadata of a public playbook run that is linked to the channel they are a guest in by sending an RHSRuns GraphQL query request to the server...

CVSS 4.3 | AI score 5
Exploits: 0 | References: 1
Vulnrichment
added 2024/02/29 8:5 a.m. | 21 views

CVE-2024-1887 Public channel post content accessible without membership when compliance export is enabled

Mattermost fails to check if compliance export is enabled when fetching posts of public channels allowing a user that is not a member of the public channel to fetch the posts, which will not be audited in the compliance export...

CVSS 4.3 | AI score 6.6 | EPSS 0.00331
Exploits: 0 | References: 1
CNNVD
added 2024/02/29 12:0 a.m. | 4 views

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from the inability to check if compliance export is enabled when fetching posts from a public channel, allowing users who are not members of...

CVSS 4.3 | AI score 4.6 | EPSS 0.00331
Exploits: 0 | References: 2
Hacker One
added 2021/03/02 12:21 p.m. | 20 views

Mattermost: Privilege Escalation leading to post in channel without having privilege

Hi H1, mattermost.cloud has a feature of making a channel and once it's set to public any other user can join the channel and post comments on that channel. In System Console -- Channel -- Permission channel owner can assign whether member can post comment or not. Once channel owner selects that...

AI score 0.9
Exploits: 0