Lucene search
K

48530 matches found

Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-53168

Name of the Vulnerable Software and Affected Versions Databend versions prior to 1.2.882 Description An authorization bypass exists in the HTTP Tenant Handler component. The issue resides in the ClientSessionManager::state key function within the src/query/service/src/servers/http/v1/session/clie...

6.5CVSS6.7AI score0.0022EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 3 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither...

5.8AI score0.00164EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

EulerOS 2.0 SP15 : nghttp2 (EulerOS-SA-2026-2494)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
NVD
NVD
added 5 days ago5 views

CVE-2026-44733

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-44733

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago5 views

CVE-2026-44733

CVE-2026-44733 affects OpenProject (open-source, web-based project management software). Before versions 17.3.2 and 17.4.0 , a Business Logic Error via PATCH to /api/v3/users/me could bypass password requirements. A password validation flaw in the change-password flow allowed password changes onl...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-40082

A flaw was found in Cacti. This vulnerability, known as Session Fixation, occurs because the application does not regenerate the session identifier after a user successfully logs in. A remote attacker could exploit this by tricking a user into authenticating with a predetermined session ID,...

5.4CVSS5.8AI score0.00183EPSS
Exploits1References2
NVD
NVD
added 5 days ago8 views

CVE-2026-50744

A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated. As a result, the leaked...

4.3CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 5 days ago8 views

CVE-2026-50744

Revive Adserver 6.0.7 is affected by a bypass of the admin‑only restriction in the XML‑RPC API. The ox.login method returned a session ID cookie in HTTP headers and, although it reported an error, the session was not invalidated, allowing a leaked session ID to be reused for subsequent API calls ...

4.3CVSS5.9AI score0.00168EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-39600

A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated. As a result, the leaked...

4.3CVSS5.8AI score0.00168EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-50744

A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated. As a result, the leaked...

4.3CVSS0.00168EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-39597

The Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the backend REST API. Attackers could potentially reverse the signature to recover the session ID. With the...

8.7CVSS5.9AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-39566

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnerability may allow unauthorized users to authenticate as oth...

7.3CVSS5.9AI score0.00246EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago4 views

EUVD-2025-210341

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS5.9AI score0.00258EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-39576

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS5.9AI score0.0021EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago5 views

EUVD-2025-210338

Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings Security section without supplying the current password or any additional verification, as the application does not enforce a...

8.7CVSS6AI score0.00327EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-53262

A flaw was found in the Linux kernel's pppol2tp module. This Use-After-Free UAF vulnerability arises from improper handling of session references within the pppol2tpioctl function. A local attacker could exploit this by triggering a race condition during data copying, leading to the dereferencing...

7.8CVSS6AI score0.00125EPSS
Exploits0References4
NVD
NVD
added 5 days ago6 views

CVE-2026-9221

The Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the backend REST API. Attackers could potentially reverse the signature to recover the session ID. With the...

8.7CVSS0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-52902

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.2 OpenProject versions prior to 17.4.0 Description A business logic error exists in the password change behavior. This flaw allows an attacker who has achieved an active session takeover to bypass password...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

Curl 8.11.0 < 8.21.0 HTTP/3 Early Data Information Disclosure

The version of curl installed on the remote host is 8.11.0 prior to 8.21.0. It is, therefore, affected by an information disclosure vulnerability: - When libcurl returns to a hostname with a cached SSL session and early data enabled, libcurl might send the request bytes before enforcing the...

5.8AI score
Exploits0References2
Rows per page
Query Builder