Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.10 views

Traefik 2.x < 2.11.48 / 3.x < 3.6.19 / 3.7.x < 3.7.3 Authentication Bypass (CVE-2026-48020)

The version of Traefik installed on the remote macOS host is 2.x prior to 2.11.48, 3.x prior to 3.6.19, or 3.7.x prior to 3.7.3. It is, therefore, affected by an authentication bypass vulnerability: - The StripPrefix middleware allows unauthenticated attackers to bypass route-level authentication...

10CVSS6AI score0.00591EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/04/30 6:21 p.m.5 views

CVE-2026-40595 Chartbrew: Incorrect Access Control in public chart and export routes via missing onReport and SharePolicy checks

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes public chart retrieval and export routes that only verify project-level public access and, for exports, a team-level export toggle. Th...

7.5CVSS5.3AI score0.00275EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/30 6:21 p.m.34 views

CVE-2026-40595 Chartbrew: Incorrect Access Control in public chart and export routes via missing onReport and SharePolicy checks

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes public chart retrieval and export routes that only verify project-level public access and, for exports, a team-level export toggle. Th...

7.5CVSS0.00275EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:21 p.m.4 views

Information Exposure

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Information Exposure through the Pages and legacy PublicAPI routes that do not respect emailVerifySuccessOnInvalidEmail...

6.9CVSS5.8AI score0.00322EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/30 12:0 a.m.5 views

PT-2024-37073 · Simofa · Simofa

Name of the Vulnerable Software and Affected Versions: Simofa versions prior to 0.2.7 Description: Simofa is a tool to help automate static website building and deployment. Due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require...

10CVSS7AI score0.0053EPSS
Exploits0References11
Rows per page
Query Builder