Lucene search
K

965 matches found

CVE
CVE
added 2026/03/26 1:23 p.m.28 views

CVE-2026-33343

etcd: Nested transactions bypass RBAC checks allow an authenticated user with restricted key-range permissions to bypass key-level authorization and access the entire data store. Affected versions are prior to 3.4.42, 3.5.28, and 3.6.9. A patch exists in these series; upgrading to 3.4.42, 3.5.28,...

6.5CVSS5.8AI score0.0021EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/26 1:23 p.m.6 views

CVE-2026-33343 etcd: Nested etcd transactions bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...

5.9AI score0.0021EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/26 1:23 p.m.24 views

CVE-2026-33343 etcd: Nested etcd transactions bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...

0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/24 11:42 a.m.6 views

CVE-2026-33211

A flaw was found in Tekton Pipelines, specifically in the Tekton Pipelines git resolver. A tenant with permissions to create ResolutionRequests can exploit a path traversal vulnerability via the pathInRepo parameter. This allows the tenant to read arbitrary files from the resolver pod's filesyste...

9.6CVSS5.9AI score0.00573EPSS
Exploits0References11
NVD
NVD
added 2026/03/20 11:16 p.m.5 views

CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

9.1CVSS0.01557EPSS
Exploits1References177
Snyk
Snyk
added 2026/03/18 4:41 a.m.9 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
OSV
OSV
added 2026/03/18 3:14 a.m.10 views

CVE-2026-32254 Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

7.1CVSS6.3AI score0.00297EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/18 3:14 a.m.4 views

CVE-2026-32254 Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

7.1CVSS5.8AI score0.00297EPSS
Exploits1References3
NVD
NVD
added 2026/03/17 8:16 p.m.12 views

CVE-2026-4064

Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authenticated user with any valid token to bypass role-based access controls and perform privileged operations — including reading sensitive data, creating or deleting resources, and...

8.3CVSS0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/17 10:54 a.m.35 views

CVE-2026-26929 Apache Airflow: Wildcard DagVersion Listing Bypasses Per‑DAG RBAC and Leaks Metadata

Apache Airflow versions 3.0.0 through 3.1.7 FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dagid set to "" wildcard for all DAGs. As a result, version metadata of DAGs that the requester is not authorized to access is returned. Users ar...

0.00406EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.9 views

PT-2026-25978

Name of the Vulnerable Software and Affected Versions Kube-router versions prior to 2.8.0 Description Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. This impacts multi-tenant clusters where untrusted user...

7.1CVSS6.9AI score0.09274EPSS
Exploits4References10
SUSE CVE
SUSE CVE
added 2026/03/12 8:52 a.m.8 views

SUSE CVE-2026-31838

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...

6.9CVSS5.8AI score0.00214EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 6:30 p.m.2 views

GHSA-GHC4-35X6-CRW5 Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation

Summary The Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating each header value individually, Envoy concatenates all values into a single comma-separated...

7.5CVSS5.8AI score0.00293EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/10 2:12 a.m.7 views

CVE-2026-3786

A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument order results in sql injection. The attack can be launched remotely. The exploit...

8.8CVSS6.4AI score0.00276EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Envoy 安全漏洞

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. There are security vulnerabilities in versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13. These vulnerabilities stem from logical flaws in the role-based access control filter, which may...

8.2CVSS5.8AI score0.00293EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/09 8:11 p.m.38 views

CVE-2026-25045 Budibase Critical Privilege Escalation & IDOR via Missing RBAC on User Role Management (Creator-Role)

Budibase is a low code platform for creating internal tools, workflows, and admin panels. This issue is a combination of Vertical Privilege Escalation and IDOR Insecure Direct Object Reference due to missing server-side RBAC checks in the /api/global/users endpoints. A Creator-level user, who...

8.7CVSS0.00292EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/08 10:32 p.m.3 views

CVE-2026-3786 EasyCMS Request Parameter RbacuserAction.class.php sql injection

A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument order results in sql injection. The attack can be launched remotely. The exploit...

6.5CVSS5.6AI score0.00276EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/03/08 10:32 p.m.2 views

CVE-2026-3785

A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument order leads to sql injection. The attack can be initiated remotely. The exploit is...

6.5CVSS6.4AI score0.00276EPSS
Exploits1References4
CVE
CVE
added 2026/03/08 10:32 p.m.17 views

CVE-2026-3785

CVE-2026-3785 affects EasyCMS up to 1.6. The vulnerability is in an unknown function in /RbacnodeAction.class.php (Request Parameter Handler); manipulating the _order argument triggers remote SQL injection. An exploit is publicly available. Remediation guidance from connected sources suggests res...

8.8CVSS6.4AI score0.00276EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.4 views

openSUSE 16 Security Update : kubevirt (openSUSE-SU-2026:20281-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20281-1 advisory. Update to version 1.7.0 bsc1257128. Security issues fixed: - CVE-2025-64435: logic flaw in the virt-controller can lead to incorrect status...

8.5CVSS7.3AI score0.00478EPSS
Exploits6References25
Rows per page
Query Builder