Lucene search
K

164 matches found

NVD
NVD
added 2026/07/07 3:16 p.m.6 views

CVE-2026-12352

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 2:31 p.m.7 views

EUVD-2026-42047

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS6AI score0.00259EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/07 2:31 p.m.7 views

CVE-2026-12352

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS6AI score0.00259EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 2:31 p.m.16 views

CVE-2026-12352

Technical details (affected products/versions, root cause, exploit conditions, or remediation) are not publicly provided in the supplied documents. Monitor for updates on CVE-2026-12352.

5.9CVSS6AI score0.00259EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 2:31 p.m.35 views

CVE-2026-12352 Incorrect Authorization

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.12 views

PT-2026-56192

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description An unauthenticated actor can bypass authentication to gain access to restricted resources on the device. Recommendations At the moment, there is no information...

5.9CVSS6.1AI score0.00259EPSS
Exploits0References5
NVD
NVD
added 2026/07/06 3:16 p.m.9 views

CVE-2026-7185

A validation vulnerability has been identified in certain web features related to file management or upload in several products of the TAO 2.0 suite. This vulnerability could allow an attacker capable of interacting with the affected feature to attempt to access file system resources outside the...

6CVSS0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 6:11 p.m.37 views

CVE-2026-49288 Statamic CMS missing authorization on Control Panel fieldtype endpoints allows disclosure of restricted resources

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.23 and 6.20.0, an authenticated Control Panel user could view metadata and content for resources they don't have permission to view, including entries, assets, users, roles, groups, and other configured resources...

4.3CVSS0.00162EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 6:11 p.m.7 views

CVE-2026-49288

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.23 and 6.20.0, an authenticated Control Panel user could view metadata and content for resources they don't have permission to view, including entries, assets, users, roles, groups, and other configured resources...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2026/05/30 8:55 a.m.12 views

Missing Authorization

Drupal Authenticator Login is vulnerable to Missing Authorization. The vulnerability is due to improper authorization checks in the Authenticator Login component, which allows an attacker to perform forceful browsing and access restricted functionality or resources without proper authorization...

9.8CVSS5.4AI score0.00401EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/13 9:32 p.m.10 views

EUVD-2026-30093

Incorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources...

7.2CVSS5.8AI score0.00277EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 7:1 p.m.7 views

CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities

Incorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources...

7.2CVSS5.8AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Palo Alto Networks Trust Protection Foundation 代码问题漏洞

Palo Alto Networks Trust Protection Foundation is a machine identity and certificate security management platform provided by Palo Alto Networks. There is a code vulnerability in Palo Alto Networks Trust Protection Foundation, which stems from incorrect authorization. This vulnerability could all...

7.2CVSS5.9AI score0.00277EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.16 views

PT-2026-40766

Incorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources...

7.2CVSS5.8AI score0.00277EPSS
Exploits0References2
NVD
NVD
added 2026/04/28 7:37 p.m.5 views

CVE-2026-41912

OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources...

7.6CVSS0.0021EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:10 p.m.4 views

CVE-2026-41912

OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources...

7.6CVSS5.2AI score0.0021EPSS
Exploits0References4
CVE
CVE
added 2026/04/28 6:10 p.m.12 views

CVE-2026-41912

OpenClaw (npm package) before 2026.4.8 is affected by a Server-Side Request Forgery (SSRF) policy bypass via Interaction-Triggered Navigation. The issue allows browser interactions to trigger navigations that bypass normal SSRF checks, potentially enabling access to restricted resources. Affected...

7.6CVSS5.3AI score0.0021EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 had code vulnerabilities. These vulnerabilities stemmed from a server-side request forgery strategy that bypassed security measures. This could allow attackers to trigger...

7.6CVSS5.9AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.8 views

PT-2026-35794

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.8 Description A server-side request forgery SSRF policy bypass allows attackers to trigger navigations that circumvent standard SSRF checks. By exploiting browser interactions, attackers can bypass these...

7.6CVSS5.9AI score0.0021EPSS
Exploits0References7
Snyk
Snyk
added 2026/04/25 11:30 p.m.7 views

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict via a mismatch in path normalization between components. An attacker can gain unauthorized access to restricted resources or perform actions without proper authentication by crafting requests with specially...

10CVSS5.8AI score0.00368EPSS
Exploits0References3
Rows per page
Query Builder