Lucene search
K

110 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-57994

phpMyFAQ before 4.1.5 applies inconsistent active=yes and publication-date filtering across its public FAQ API endpoints, allowing unauthenticated attackers to retrieve inactive draft or review-only FAQ content. Specifically, GET /api/v3.1/faq/categoryId/faqId returns the inactive FAQ title and...

6.9CVSS0.00214EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-56778 n8n - Authorization Bypass in Public API Execution Retry Endpoint

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...

6.4CVSS0.00174EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42264

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...

6.4CVSS6.1AI score0.00174EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/07/06 8:55 p.m.9 views

Coder's workspace app upsert allows cross-workspace agent rebinding via user-controlled app ID

Summary UpsertWorkspaceApp overwrites an existing app's agentid on a primary-key conflict and insertAgentApp accepts the app ID from the provisioner's CompleteJob payload without verifying it belongs to the workspace being built. CompleteJob runs under dbauthz.AsProvisionerd so the authorization...

8.7CVSS5.9AI score0.00508EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/24 7:17 p.m.13 views

CVE-2026-53949

Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private fields via a brute force attack. If SQLite was used as the database password hashes were fully...

5.3CVSS0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 3:47 p.m.7 views

CVE-2026-54307

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...

8.5CVSS5.7AI score0.00315EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 3:47 p.m.35 views

CVE-2026-54307

Summary: CVE-2026-54307 affects n8n prior to versions 1.123.55, 2.25.7, and 2.26.2, where a member-level editor of a shared workflow could reference credentials they do not own due to partial credential ownership checks, enabling cross-user credential access via public API endpoints. The issue is...

9.6CVSS5.8AI score0.00315EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/18 10:16 p.m.15 views

CVE-2026-49205

phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this-userHasPermissionPermissionType::BACKUP. The same fix was not applied to 4 other write endpoints...

6.5CVSS0.0024EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 9:37 a.m.2 views

SUSE-SU-2026:22158-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issue: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.17 views

PT-2026-50801

Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.1.4 Description Missing authorization in the public API allows users to bypass role permission checks. The system only verifies a shared API key header via the hasValidToken function instead of validating individua...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/12 6:28 p.m.14 views

EUVD-2026-32590

Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign...

9CVSS5.2AI score0.00292EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.16 views

PT-2026-48693

exception struct is a local stack variable, but the code passes its address to the C language as &mut exception struct as mut as mut c void. Then, the returned MetaCallException value is stored here: rust OkSelf exception struct: Arc::newexception struct, value: exception ptr, leak: false, Becaus...

5.5AI score
Exploits0References4
CVE
CVE
added 2026/05/28 6:22 p.m.23 views

CVE-2026-45332

Affected software: Automad (flat-file CMS/template engine). Vulnerability: Broken Access Control allowing an unauthenticated attacker to retrieve bcrypt password hashes of all administrator accounts (and, in 2.0.0-beta.27, TOTP secrets) via the publicly accessible /_api/user-collection/create-fir...

7.5CVSS5.8AI score0.00298EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/27 5:5 p.m.49 views

CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...

4.2CVSS0.00163EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/21 2:46 p.m.164 views

Exploit for CVE-2026-9082

CVE-2026-9082 / Drupal SA-CORE-2026-004 Proof of Concept...

6.5CVSS6.6AI score0.84631EPSS
Exploits14
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.17 views

MCP Registry 跨站脚本漏洞

MCP Registry is an open-source MCP server application store developed by Model Context Protocol. Versions of MCP Registry prior to 1.7.7 contained a cross-site scripting vulnerability. This vulnerability originated from the public directory UI; server-side validation only checked whether the URL...

5.4CVSS5.8AI score0.00167EPSS
Exploits1References1
OSV
OSV
added 2026/05/07 3:58 a.m.1 views

CVE-2026-41142 OpenEXR is Vulnerable to Integer overflow in ImageChannel::resize leads to heap OOB write via OpenEXRUtil public API

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...

8.8CVSS5.8AI score0.00355EPSS
Exploits1References10
CVE
CVE
added 2026/05/04 6:26 p.m.28 views

CVE-2026-42227

The CVE affects n8n (open source workflow automation) prior to versions 1.123.32, 2.17.4, and 2.18.1. An authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying a projectId to the public API variables endpoint. The h...

6.5CVSS5.8AI score0.00203EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/04/24 11:51 a.m.2 views

SUSE-SU-2026:1608-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issues: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.3AI score0.00476EPSS
Exploits1References3
NVD
NVD
added 2026/04/21 3:16 a.m.7 views

CVE-2026-6675

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to Unauthenticated Open Email Relay in all versions up to, and including, 2.2.0. This is due to insufficient authorization checks and missing server-side validation of the recipient email address supplie...

5.3CVSS0.00325EPSS
Exploits0References7
Rows per page
Query Builder