4 matches found
CVE-2026-56311
Capgo (before 12.128.2) contains an authorization bypass in public.get_current_plan_max_org RPC that allows unauthenticated access to arbitrary organization plan limits. An attacker can call the RPC with any organization UUID using only the public Supabase key to disclose billing information (MAU...
PT-2026-46987
Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description A TOCTOU Time-of-Check to Time-of-Use race condition exists in the SAML.getSession function within internal/pkg/auth/interceptor/saml.go. The system checks the Used flag of a SAMLAssertion...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling by processing JSON Web Encryption JWE tokens with a high compression ratio. An attacker can cause excessive memory allocation and processing time during decompression, leading to a...
Authentication By-Pass Vulnerability in OpenSSH-2.3.1 (devel snapshot)
Please, check http://www.openssh.com/security.html for a full summary of security related issues in OpenSSH. ---------------------------------------------------------------------------- OpenBSD Security Advisory February 8, 2001 Authentication By-Pass Vulnerability in OpenSSH-2.3.1...