Lucene search
+L

216 matches found

NVD
NVD
added yesterday10 views

CVE-2026-15909

A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kdcs leads to authorization bypass. The attack is possible to be carried out remotely. This produ...

6.5CVSS0.00211EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday6 views

CVE-2026-15909

A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kdcs leads to authorization bypass. The attack is possible to be carried out remotely. This produ...

6.5CVSS6.3AI score0.00211EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43599

A flaw has been found in poco-ai poco-claw up to 0.5.4. Affected is the function getworkspacefile of the file executormanager/app/api/v1/workspace.py of the component Workspace API. Executing a manipulation of the argument userid can lead to authorization bypass. The attack may be launched...

6.9CVSS5.9AI score0.00353EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-15594

A vulnerability was found in waooAI waoowaoo up to 0.4.1. Impacted is the function stablePublicIdFromStorageKey in the library src/lib/media/hash.ts of the component Media Handler. The manipulation of the argument storageKey results in improper authorization. The attack may be performed from...

6.3CVSS5.5AI score0.00298EPSS
Exploits0References6Affected Software1
NVD
NVD
added 5 days ago7 views

CVE-2026-15510

A vulnerability was found in Leantime up to 3.8.0. Affected is the function Setting::saveSetting of the component API. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early...

6.5CVSS0.00333EPSS
Exploits0References5
NVD
NVD
added 5 days ago10 views

CVE-2026-15473

A vulnerability was identified in Eleveo Call Recording Software 9.7.0. This issue affects some unknown processing of the file /callrec/restoreCallAction.do of the component Recorded Calls Page. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. T...

6.5CVSS0.00201EPSS
Exploits0References5
NVD
NVD
added last week7 views

CVE-2026-15373

A vulnerability was detected in Eleveo Call Recording Software 9.7.0. The impacted element is an unknown function of the file /callrec/userAddAction.do. Performing a manipulation of the argument role results in improper authorization. It is possible to initiate the attack remotely. The exploit is...

6.5CVSS0.00256EPSS
Exploits0References5
NVD
NVD
added last week6 views

CVE-2026-15374

A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS0.00256EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/10 3:0 p.m.8 views

EUVD-2026-42923

A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.3AI score0.00256EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/06 12:30 a.m.7 views

EUVD-2026-41793

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajaxenroll.php of the component Enrollment Management. The manipulation of the argument studentid/scheduleid/action leads to improper...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References7
NVD
NVD
added 2026/07/05 2:16 p.m.7 views

CVE-2026-14753

A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assignment Handler. Performing a manipulation of the argument assignmentitemid results in authorization...

7.5CVSS0.00309EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 5:45 a.m.11 views

EUVD-2026-41730

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 2:15 a.m.7 views

CVE-2026-14693

A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancelorder of the file classes/Master.php. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit h...

5.5CVSS5.8AI score0.0023EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.16 views

PT-2026-55799

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description An authorization bypass exists in the Note Handler/Assignment Handler component within the /PHP/objects/notes file. A remote attacker can trigger this issu...

7.5CVSS7.1AI score0.00309EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:0 a.m.6 views

CVE-2026-13549

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotel...

6.4CVSS5.5AI score0.00293EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/29 4:15 a.m.9 views

CVE-2026-13534

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS5.4AI score0.00199EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/06/29 1:45 a.m.8 views

EUVD-2026-40021

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

6.3CVSS5.3AI score0.00264EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 1:9 p.m.8 views

OESA-2026-2689 PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of th...

5.3CVSS5.4AI score0.00222EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/21 10:0 a.m.4 views

CVE-2026-12799

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function uiviewusers of the file litellm/proxy/managementendpoints/internaluserendpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. I...

5.3CVSS5.3AI score0.00288EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/06/21 9:15 a.m.26 views

CVE-2026-12797

Technical details about CVE-2026-12797 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor notices to obtain affected products, vulnerable components, and remediation information.

6.5CVSS6.1AI score0.00226EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder