699 matches found
CVE-2026-9808
An authorization bypass vulnerability exists in the Mautic 7 API v2 endpoints utilizing API Platform. Under certain conditions, roles configured with owner-scope restrictions such as viewown or editown are not properly enforced. This allows low-privilege authenticated API users to bypass...
PT-2026-44821
Name of the Vulnerable Software and Affected Versions Mautic versions 7.0.0 through 7.1.1 Description An authorization bypass exists in the API v2 endpoints utilizing API Platform. Roles configured with owner-scope restrictions, such as viewown or editown, are not properly enforced. This allows...
Server-side Request Forgery (SSRF)
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the connector management. An attacker can access internal network resources by bypassing...
CVE-2026-9689
CVE-2026-9689 affects Keycloak, an open-source identity and access management solution. The issue lies in the OIDC redirect URI handling when a client accepts broad redirect URIs, enabling an attacker to craft a special web address that could cause the client to prefer attacker-controlled informa...
CVE-2026-24190
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, a...
CVE-2026-40564 Apache Flink Kubernetes Operator: Server-Side Request Forgery and local file access in Kubernetes Operator
Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...
PT-2026-43333
Name of the Vulnerable Software and Affected Versions NVIDIA Display Driver for Windows and Linux affected versions not specified Description A flaw exists in the kernel mode layer that allows a user to gain improper access to GPU resources. This could result in denial of service, escalation of...
CVE-2026-8381
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
Astra Linux – Vulnerability in Systemd
It was discovered that a Systemd service that uses the DynamicUser property can create a SUID/SGID binary that will be allowed to run as the transient service’s UID/GID even after the service is terminated. A local attacker could exploit this flaw to access resources that will be owned by a...
Astra Linux – Vulnerability in Ruby-Nokogiri
Nokogiri is a Rubygem that provides HTML, XML, SAX, and Reader parsers, with support for XPath and CSS selectors. In Nokogiri versions prior to 1.11.0.rc4, there was an XXE vulnerability. XML schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accesse...
CVE-2026-6394 Nexa Blocks <= 1.1.1 - Unauthenticated Blind Server-Side Request Forgery via 'demo_json_file' Parameter
The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery SSRF in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...
CVE-2026-4630 Keycloak: keycloak: unauthorized resource access and data modification via insecure direct object reference
A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference IDOR vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier UUID belonging to another Resource Server within the same realm,...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak. There is a security vulnerability in Keycloak. This vulnerability stems from an insecure direct object reference issue in the authorization service’s protected API endpoints. It allows authenticated clients ...
XML External Entity (XXE) Injection
ome, pom-bio-formats is vulnerable to XML External Entity XXE Injection. The vulnerability is due to insecure configuration of DocumentBuilderFactory while parsing Leica XML metadata files, which allows an attacker to perform SSRF, access local resources, or trigger denial of service through...
CVE-2026-45338
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery SSRF vulnerability exists in processpictureurl in backend/openwebui/utils/oauth.py line 1338. The function fetches arbitrary URLs from OAuth picture...
CVE-2026-45338
Open WebUI CVE-2026-45338 describes an SSRF in _process_picture_url() (oauth.py) where the server fetches URLs from OAuth picture claims without validate_url(), enabling requests to internal resources and exfiltration of the full response. Affected software before the fix: Open WebUI prior to ver...
GHSA-88GH-2526-GFRR DeepSeek TUI has SSRF IPV6 bypass
Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in URL as http://::1, the SSRF defenses do not work. Details...
DeepSeek TUI has SSRF IPV6 bypass
Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in URL as http://::1, the SSRF defenses do not work. Details...
Improper Authorization
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Improper Authorization in the model update process. An attacker can modify resources belonging to other users by sending crafted requests that bypass intended access controls. Remediation Upgrade open-webui t...
PT-2026-41185
Name of the Vulnerable Software and Affected Versions CodeWhale versions prior to 0.8.26 Description Server-Side Request Forgery SSRF occurs when the application fails to properly validate IPv6 addresses provided directly in a URL, such as http://::1. While the system validates hostnames that...