Lucene search
K

314 matches found

ATTACKERKB
ATTACKERKB
added yesterday8 views

CVE-2026-54893

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS6AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-28744 Gitea Git smart HTTP bypasses repository token scopes for bearer tokens

Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks...

8.1CVSS0.00343EPSS
Exploits0References4
CVE
CVE
added 4 days ago74 views

CVE-2026-28699

Summary: CVE-2026-28699 affects Gitea up to 1.26.1, where OAuth2 tokens presented via HTTP Basic authentication bypass scope enforcement. Root cause (from connected docs): In services/auth/basic.go, OAuth2 tokens are accepted through the Basic path with LoginMethod and IsApiToken set, but ApiToke...

8.1CVSS7.1AI score0.00566EPSS
Exploits1References4
NVD
NVD
added 4 days ago8 views

CVE-2026-14614

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions FGAP v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not...

5.4CVSS0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-14614 Keycloak-services: keycloak-services: fgap v2 client scope assignment bypass via clientresource

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions FGAP v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not...

5.4CVSS0.00159EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-14614

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions FGAP v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-41556

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions FGAP v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References2
CVE
CVE
added 4 days ago19 views

CVE-2026-14614

The CVE-2026-14614 entry concerns Keycloak’s admin services, specifically the ClientResource component under FGAP v2. It describes a bypass where a delegated administrator can attach or remove hidden client scopes beyond their visibility/permission, potentially injecting unauthorized data or perm...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-14614

A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions FGAP v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 1:19 p.m.12 views

CVE-2026-6556

@fastify/express versions 4.0.6 and earlier only rewrite the plugin prefix for middleware mount paths when the path argument is a string. Non-string mount paths arrays of paths and regular expressions are left unprefixed inside prefixed plugin scopes, so middleware registered with those forms doe...

9.1CVSS0.00295EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-53878

Name of the Vulnerable Software and Affected Versions @fastify/express versions prior to 4.0.7 Description A middleware scoping flaw exists where plugin prefixes are not applied to middleware mount paths when the mount path is provided as an array or a regular expression. This occurs due to...

9.1CVSS6AI score0.00295EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5321 Gitea: Git Smart HTTP Skips Repository Token Scopes for Bearer Tokens in code.gitea.io/gitea

Gitea: Git Smart HTTP Skips Repository Token Scopes for Bearer Tokens in code.gitea.io/gitea...

8.1CVSS5.8AI score0.00343EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 3:59 p.m.19 views

CVE-2026-54573 Authorization Bypass in API Key/OAuth Scopes via Path Parsing Discrepancy

Outline is a service that allows for collaborative documentation. Prior to 1.8.0, the AuthenticationHelper.canAccess function uses ctx.originalUrl to verify if an API key or OAuth token has the required scopes for a request. It extracts the resource by splitting the URL by / and taking the last...

5.3CVSS0.00285EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 3:59 p.m.7 views

CVE-2026-54573

CVE-2026-54573 affects Outline (a collaborative documentation service). Before version 1.8.0, AuthenticationHelper.canAccess uses ctx.originalUrl and extracts the target resource by splitting on “/” and taking the last segment, but does not strip the URL fragment (#). Since Koa’s router uses ctx....

5.3CVSS5.9AI score0.00285EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/17 6:9 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the handling of token scope restrictions in the /api/v1/user route group. An attacker can gain unauthorized access to or modify private account resources by using a token or OAuth grant marked as public-only,...

8.6CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 6:9 p.m.5 views

GHSA-WRR5-99H5-GQ57 Gitea: Public-only tokens bypass private-resource restrictions on `/api/v1/user` self routes

Summary Many authenticated self routes under /api/v1/user/... do not enforce the public-only token restriction. As a result, a token or OAuth grant marked public-only, but otherwise carrying the route-required read/write scope category, can access or modify private account resources through self...

8.1CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2026/06/16 11:38 p.m.4 views

GHSA-CC8W-R4QH-3V65 Gitea: Git Smart HTTP Skips Repository Token Scopes for Bearer Tokens

Summary Gitea v1.26.1 enforces repository-scoped access-token permissions on repository operations. In the Git Smart HTTP path, however, this check runs only when the token is presented via HTTP Basic authentication — CheckRepoScopedToken returns early unless ctx.IsBasicAuth is true — so the same...

8.1CVSS5.5AI score0.00343EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 7:17 p.m.10 views

CVE-2026-53862

OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay bootstrap tokens before approval to escalate pairing authority beyond intended scope limits...

5.4CVSS0.00088EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.9 views

PT-2026-49779

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.12 Description A bootstrap token replay issue allows callers with access to a pending bootstrap token to reuse it before approval with a broader requested scope. This can lead to the escalation of pairing...

5.4CVSS5.2AI score0.00088EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.30 views

PT-2026-50134

Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description A scope escalation issue exists in the web archive download endpoint. A personal access token with any non-repository scope, such as read:issue or read:misc, can be used to download full...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References8
Rows per page
Query Builder