Lucene search
+L

170 matches found

ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-59235

Missing Authorization CWE-862 in BankAccountListController app/Http/Controllers/Api/BankAccount/BankAccountListController.php, exposed at GET /api/bank-account, in Prospero Flow CRM companyid-get, performing only company scoping and no role or permission check before returning the data. This...

8.7CVSS6.2AI score0.00413EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2 days ago8 views

CVE-2026-8919

Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...

7.2CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 2 days ago12 views

CVE-2026-8919

CVE-2026-8919 affects ASUS GameSDK. A permissive cross-domain policy with untrusted domains could let a remote user induce a local UNC request to the application’s local service endpoint, exposing a local NTLM hash and enabling information disclosure, data tampering, or service disruption. The is...

7.2CVSS6.1AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-8919

Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...

7.2CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-15477

Bahmni bahmnicore (up to 0.93) is affected in the Search Endpoint (file /openmrs/ws/rest/v1/bahmnicore/sql), specifically the function additionalParams. A manipulated argument can lead to SQL injection, with remote exploitation possible and public exploit details. Remediation: upgrade to 0.93.1, ...

6.5CVSS6.4AI score0.00319EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/10 4:31 a.m.34 views

CVE-2026-15286 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.5.32 - Incorrect Authorization to Authenticated (Contributor+) Post Publication

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'getitemspermissioncheck' function permission callback of the...

4.3CVSS0.00268EPSS
Exploits0References4
CVE
CVE
added 2026/07/07 10:44 p.m.14 views

CVE-2026-55077

CVE-2026-55077 affects CodeR (github.com/coder/coder) prior to certain patched releases. The vulnerable endpoint is PUT /api/v2/users/{user}/password, which previously allowed a user-admin to reset an owner’s password because the permission set was limited to ActionUpdatePersonal and did not requ...

7.2CVSS6AI score0.00615EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/06/15 12:16 p.m.14 views

CVE-2026-34026

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...

7.1CVSS0.00394EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Student-Management-System 访问控制错误漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from improper handling of the parameter “stimg” in the file service/RegisterService.php on the registration endpoin...

7.5CVSS7.2AI score0.00288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.14 views

CVE-2026-45192

A bug in the GET /api/v2/connections/connectionid REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's extra JSON blob under field names not present in the redaction allowlist DEFAULTSENSITIVEFIELDS —...

6.5CVSS5.4AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.12 views

CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/06/05 12:0 a.m.60 views

📄 Lyrion Music Server 9.2.0 Arbitrary Directory Listing

Lyrion Music Server version 9.2.0 exposes a readdirectory query through both its CLI service TCP port 9090 and its HTTP JSON-RPC endpoint /jsonrpc.js that takes a folder parameter and lists its contents with no restriction to the configured media directories and no authentication in the default...

6.9CVSS5.7AI score0.00294EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2026/05/28 6:45 a.m.13 views

CVE-2026-8682 3D Viewer <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Modification via settings REST endpoint

The 3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00232EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/26 2:45 a.m.49 views

CVE-2026-9524 xianrendzw EasyReport REST Endpoint execute sql injection

A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportParams can lead to sql injection. The attack can be launched remotely. The vendor was contacted early...

6.5CVSS0.00246EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.12 views

PT-2026-43180

A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522 Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportParams can lead to sql injection. The attack can be launched remotely. The vendor was contacted earl...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

MaxKB 访问控制错误漏洞

MaxKB is an open-source question-answering system based on large language models and RAG, developed by 1Panel-dev. Prior to MaxKB 2.9.0, there was an access control vulnerability. This vulnerability stemmed from the Webhook trigger endpoint/api/trigger/v1/webhook/triggerid, which allowed access...

7.5CVSS5.9AI score0.00271EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 7:35 a.m.13 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query. An attacker can access sensitive information, including model names, version descriptions, source URIs, tags, and other...

7.1CVSS6.6AI score0.00441EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/20 8:23 a.m.11 views

EUVD-2026-31072

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...

9.3CVSS6AI score0.00338EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 7:16 a.m.20 views

CVE-2026-7385

The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attackers to enumerate registered user email addresses...

5.8CVSS0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.11 views

4D Server 代码问题漏洞

4D Server is a database server platform developed by the French company 4D. There are code vulnerabilities in 4D Server. These vulnerabilities stem from weaknesses in the XML parser function of the SOAP endpoint, allowing unauthenticated attackers to gain read access to files on the application...

8.7CVSS6.1AI score0.00447EPSS
Exploits2References2
Rows per page
Query Builder