Lucene search
K

194 matches found

EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40427

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS5.8AI score0.00322EPSS
Exploits0References3
NVD
NVD
added 3 days ago5 views

CVE-2026-56230

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS0.00322EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago22 views

CVE-2026-56230 Capgo - Broken Object Level Authorization via x-limited-key-id Header

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS0.00322EPSS
Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-10140

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials,...

9.6CVSS0.00201EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-40360

SeaweedFS before 4.34 contains a path traversal vulnerability in the S3 gateway DeleteMultipleObjectsHandler that allows authenticated S3 principals with write access to a single bucket to delete arbitrary objects in other tenants' buckets by supplying object keys containing ../ sequences in the...

8.1CVSS5.9AI score0.00766EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/26 10:41 a.m.10 views

CVE-2026-13325

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52985

Name of the Vulnerable Software and Affected Versions Kestra versions prior to 1.0.45 Kestra versions prior to 1.3.21 Description An access control bypass exists in the previewFileFromExecution endpoint GET '/api/v1/tenant/executions/executionId/file/preview'. This issue allows an authenticated...

6.5CVSS5.9AI score0.00263EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/24 8:32 p.m.20 views

CVE-2026-52812 Gogs: LFS dedupe path leaks private repo content across tenants

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git LFS storage is content-addressed by OID alone /// but per-repo authorization lives in the lfsobject table keyed repoid, oid. serveUpload skips re-uploading when the OID file already exists on disk and inserts a new repoid, oid r...

7.1CVSS0.00236EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 5:17 p.m.8 views

CVE-2026-55611

CVE-2026-55611 affects AnythingLLM. The vulnerability allows cross-tenant IDOR deletion of parsed-files via the endpoint POST /api/workspace/:slug/embed-parsed-file/:fileId. From 1.11.1 to 1.14.1, ownership-scoped access was added for parsed-files reads/deletes, but the delete path still removes ...

5.9AI score0.00236EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 8:54 p.m.13 views

CVE-2026-56120

Affected software: OpenRemote before 1.25.0.Vulnerability: insecure direct object reference (IDOR) in the bulk alarm deletion endpoint.Root cause: removeAlarms() in AlarmResourceImpl.java omits realm-scoping validation in the JPA query, enabling any user with alarm-write permissions to enumerate ...

6AI score
Exploits0
OSV
OSV
added 2026/06/23 5:10 p.m.4 views

GHSA-6P9M-Q3JP-47H4 Gogs: LFS dedupe path leaks private repo content across tenants

Summary Git LFS storage is content-addressed by OID alone /// but per-repo authorization lives in the lfsobject table keyed repoid, oid. serveUpload skips re-uploading when the OID file already exists on disk and inserts a new repoid, oid row pointing at it without verifying the request body hash...

7.1CVSS6AI score0.00236EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/19 12:31 a.m.9 views

EUVD-2026-37956

A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues. Queue messages contained tenant-specific identifiers. The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating this access method...

5.1CVSS5.2AI score0.0017EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 10:16 p.m.12 views

CVE-2026-8668

A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues. Queue messages contained tenant-specific identifiers. The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating this access method...

5.1CVSS0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 9:19 p.m.8 views

CVE-2026-8668

A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues. Queue messages contained tenant-specific identifiers. The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating this access method...

5.1CVSS5.2AI score0.0017EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 9:19 p.m.16 views

CVE-2026-8668

CVE-2026-8668 concerns Chef 360 prior to v1.7.0, where a static credential embedded in the product allowed unauthenticated access to internal message queues containing tenant-specific identifiers. The underlying issue is a hardcoded credential that enables access without authentication; later ver...

5.1CVSS5.2AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.17 views

PT-2026-50804

Name of the Vulnerable Software and Affected Versions Chef 360 versions prior to 1.7.0 Description A static credential embedded in the software allows unauthenticated access to internal message queues. These queue messages contain tenant-specific identifiers. Recommendations Update to version 1.7...

5.1CVSS5.9AI score0.0017EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-50181

Name of the Vulnerable Software and Affected Versions Daytona versions prior to 0.185.0 Description Organization role update and delete endpoints authorized the caller as an owner of the organization in the request path but mutated the target role using only its identifier without verifying the...

7.7CVSS5.8AI score0.00186EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/15 8:36 a.m.11 views

CVE-2026-45831

A flaw was found in the SimpleRBACAuthorizationProvider authorization provider in the ChromaDB Python project. This vulnerability allows an authenticated user to perform actions across different tenants, databases, or collections without proper authorization. The provider incorrectly evaluates us...

8.8CVSS5.2AI score0.00237EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/12 9:3 p.m.26 views

CVE-2026-47124 Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.9, any authenticated non-admin member can connect to the server-status WebSocket and receive telemetry for all servers, including servers owned by other users...

6.5CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 4:16 p.m.14 views

CVE-2026-45830

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS0.00345EPSS
Exploits0References4
Rows per page
Query Builder