Lucene search
K

167 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42882

Capgo before 12.128.2 contains an authentication bypass vulnerability in the password change endpoint that allows attackers to change user passwords without requiring current password confirmation. Attackers with temporary session access can exploit this flaw to permanently lock out legitimate...

8.7CVSS6.1AI score0.00357EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 9:18 p.m.26 views

CVE-2026-43918

FOSSBilling before 0.8.0 does not invalidate existing sessions for suspended or inactive accounts. The session identity loaders (loggedin_client and loggedin_admin) only reject sessions if the backing account record no longer exists; they do not check that the account’s status remains active. Thi...

8.7CVSS5.9AI score0.00235EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 9:18 p.m.3 views

CVE-2026-43918 Suspended or inactive FOSSBilling accounts can retain or regain access through existing sessions, API tokens, and password reset flows

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, when a client or staff/admin account is suspended or marked inactive, existing authenticated sessions are not invalidated. The session identity loaders in src/di.php loggedinclient and loggedinadmin...

8.7CVSS5.9AI score0.00235EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 5:21 p.m.7 views

DRUPAL-CONTRIB-2026-067

This module enables you to test and run AI-driven workflows interactively through a chat interface. The module doesn't sufficiently enforce permissions on certain endpoints. Attackers may be able to trigger workflow execution incurring LLM spend and tool side effects or send messages into other...

5.4CVSS5.9AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50520

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.368 Description An authorization bypass exists in the get profile cookie function, which accepts unauthenticated profile names from the hermes profile cookie. An authenticated attacker can forge the value of...

8.6CVSS6.1AI score0.00365EPSS
Exploits0References11
CVE
CVE
added 2026/06/12 5:7 p.m.261 views

CVE-2026-48558

Summary of vulnerability (CVE-2026-48558) : SimpleHelp versions 5.5.15 and earlier and 6.0 pre-release contain an authentication bypass in the OpenID Connect (OIDC) flow. When OIDC is configured, identity tokens are accepted without cryptographic signature verification, allowing a remote, unauthe...

10CVSS5.5AI score0.0116EPSS
In wildExploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.12 views

CVE-2026-45743

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by sessionId. An authenticated attacker who knows or...

8.1CVSS5.6AI score0.00282EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.10 views

CVE-2026-8293

The Really Simple Security WordPress plugin before 9.5.10.1 does not enforce the second-factor challenge in two of its two-factor authentication REST endpoints, allowing an attacker who knows a user's password to obtain a WordPress authentication session for that user without completing the email...

7.5CVSS5.5AI score0.00236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.22 views

PT-2026-44211

A stored cross-site scripting XSS vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert names were rendered in the notification bell dropdown using innerHTML without adequate sanitization...

6.3CVSS5.9AI score0.00258EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.17 views

CVE-2026-34686

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

8.7CVSS5.8AI score0.00402EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 2:40 p.m.37 views

CVE-2026-41574

CVE-2026-41574 affects Nhost’s OAuth linking logic in the Go controller. The defect stems from trusting a provider’s EmailVerified flag when linking an incoming OAuth identity to an existing account. Several providers (Discord, Bitbucket, AzureAD, EntraID) either do not populate or misreport emai...

9.8CVSS5.8AI score0.00809EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/05/03 9:55 a.m.8 views

OESA-2026-2137 python-flask security update

Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks...

4.3CVSS5.7AI score0.00374EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/18 7:22 a.m.6 views

CVE-2026-24749

The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which...

5.3CVSS5.5AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2026/04/16 6:16 p.m.8 views

CVE-2026-24749

The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which...

5.3CVSS0.00398EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:27 p.m.3 views

CVE-2026-35636

OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where sessionstatus resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that should be blocked...

7.1CVSS5.9AI score0.00259EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.12 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Undertow vulnerability (USN-8144-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8144-1 advisory. It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker...

9.6CVSS7.4AI score0.01179EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/03 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-8144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS5.9AI score0.01179EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/04/02 8:22 a.m.14 views

USN-8144-1: Undertow vulnerability

It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker could possibly use this issue to gain unintended access to user sessions...

9.6CVSS7.4AI score0.01179EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29966

It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker could possibly use this issue to gain unintended access to user sessions...

9.6CVSS5.9AI score0.01179EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/21 12:42 a.m.26 views

CVE-2026-32050 OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass

OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in signal reaction notification handling that allows unauthorized senders to enqueue status events before authorization checks are applied. Attackers can exploit the reaction-only event path in event-handler.ts to queue...

6.3CVSS0.0021EPSS
Exploits0References3
Rows per page
Query Builder