Lucene search
K

544 matches found

RedhatCVE
RedhatCVE
added 2026/05/26 2:12 p.m.14 views

CVE-2026-6898

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3Hooks::generateapikey' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 12:0 a.m.18 views

CVE-2026-38587

CVE-2026-38587 is an Insecure Direct Object Reference (IDOR) impacting ONLYOFFICE DocSpace prior to 3.2.1. The flaw exists across multiple REST API endpoints and allows authenticated users with low-level permissions (User or Guest) to retrieve sensitive information such as the Owner’s ID and prof...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/22 12:0 a.m.16 views

CVE-2026-39832

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS5.8AI score0.00338EPSS
Exploits0References5
NVD
NVD
added 2026/05/21 9:16 p.m.19 views

CVE-2026-8135

Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntryList block controller. An rogue administrator with privileges to add blocks to an area can bypass the intended protection mechanism fromCIF === true, which normally...

8.9CVSS0.0047EPSS
Exploits0References1
NVD
NVD
added 2026/05/21 5:16 a.m.19 views

CVE-2026-2734

In mlflow/mlflow versions up to 3.9.0, the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registere...

6.5CVSS0.00441EPSS
Exploits1References2
NVD
NVD
added 2026/05/20 5:16 p.m.21 views

CVE-2026-20223

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...

10CVSS0.00835EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/20 5:31 a.m.13 views

CVE-2026-6566 Photo Gallery, Sliders, Proofing and Themes <= 4.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Image Deletion via REST API

The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 4.2.0. This is due to insufficient object-level authorization in the image deletion REST flow where the permission callback for...

4.3CVSS5.7AI score0.00264EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 11:5 p.m.9 views

CVE-2026-34754 MantisBT allows unauthorized users to upload attachments to restricted issues via REST API

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2...

4.3CVSS5.7AI score0.00248EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/14 3:27 a.m.37 views

CVE-2026-5361 Envira Gallery <= 1.12.4 - Authenticated (Author+) Stored Cross-Site Scripting via 'arrows' Parameter

The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in versions up to and including 1.12.4. This is due to insufficient input sanitization in the updategallerydata function and improper output escaping in the galleryinit function. The...

6.4CVSS0.0035EPSS
Exploits0References6
CVE
CVE
added 2026/05/14 3:27 a.m.20 views

CVE-2026-7648

The LearnPress WordPress LMS plugin (versions up to 4.3.5) is affected by a payment bypass via a user-controlled parameter in the REST API. In add_to_cart(), unsanitized request parameters are passed via array_merge(), allowing an attacker with subscriber-level access or higher to overwrite hardc...

4.3CVSS5.8AI score0.00423EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.12 views

PT-2026-40849

The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in versions up to and including 1.12.4. This is due to insufficient input sanitization in the update gallery data function and improper output escaping in the gallery init function. The...

6.4CVSS6AI score0.0035EPSS
Exploits0References7
OSV
OSV
added 2026/05/13 3:31 p.m.8 views

GHSA-P3HX-PWF3-J8WR Nautobot: GitRepository.current_head field should not be writable through REST API

Impact A user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause Nautobot's local clones of the relevant repository to checkout a commit other than the latest...

7.1CVSS5.7AI score0.00277EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40720

Name of the Vulnerable Software and Affected Versions Nautobot versions prior to 2.4.33 Nautobot versions prior to 3.1.2 Description A user with permissions to add or modify a GitRepository record can use the REST API to directly set the current head field, which is not intended to be...

7.1CVSS5.8AI score0.00277EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/05/12 9:2 p.m.35 views

CVE-2026-26289 Subnet Solutions PowerSYSTEM Center Incorrect Authorization

PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only...

8.4CVSS0.00135EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:16 a.m.9 views

CVE-2026-7428

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 9:16 a.m.13 views

CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.16 views

PT-2026-39891

Name of the Vulnerable Software and Affected Versions MantisBT affected versions not specified Description A missing authorization check in the file visibility function allows any authenticated user with REPORTER level access or higher to download attachments from private bugnotes they are not...

7.2CVSS5.8AI score0.0026EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.11 views

PT-2026-39509

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the config file endpoint to achieve remote code...

9.8CVSS6.5AI score0.00587EPSS
Exploits0References4
NVD
NVD
added 2026/05/09 4:16 a.m.20 views

CVE-2026-42137

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, pages.access/list and files.access/list permissions are not consistently checked in the Panel and REST API. This issue has been patched in versions 4.9.0 and 5.4.0...

7.1CVSS0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-38904

Name of the Vulnerable Software and Affected Versions Sky Addons versions prior to 3.3.3 Description The Sky Addons plugin for WordPress allows authenticated attackers with Author-level access or higher to inject arbitrary web scripts. This occurs because the sky-custom-scripts custom post type i...

6.4CVSS5.9AI score0.00244EPSS
Exploits0References10
Rows per page
Query Builder