Lucene search
+L

188 matches found

Nuclei
Nuclei
added yesterday16 views

Flowise - NVIDIA NIM Endpoints Missing Authentication

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generati...

9.8CVSS6.1AI score0.3625EPSS
Exploits2References3
CVE
CVE
added 3 days ago50 views

CVE-2026-44761

SAP Commerce Cloud is affected by CVE-2026-44761, where a sample OAuth2 client may retain publicly documented sample credentials from SAP Help Portal configuration. If left unchanged, an unauthenticated attacker could obtain a valid access token and invoke certain APIs to read and modify data, re...

9.1CVSS6.1AI score0.00352EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-57885

Name of the Vulnerable Software and Affected Versions PasswordPusher versions prior to 2.9.2 Description An issue exists where passphrase-protected pushes are susceptible to brute-force attacks. The 'POST /p/:token/access' endpoint lacks route-specific rate limiting and per-push lockout mechanism...

8.7CVSS6.1AI score0.00304EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 7:16 p.m.12 views

CVE-2026-56767

Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth tokens. Attackers can read plaintext Google and Airtable access tokens, modify, delete, or execute...

8.8CVSS0.0033EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 7:17 p.m.12 views

CVE-2026-53862

OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay bootstrap tokens before approval to escalate pairing authority beyond intended scope limits...

5.4CVSS0.00088EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.27 views

CyberArk Idira Secrets Manager SaaS Edge 访问控制错误漏洞

CyberArk Idira Secrets Manager SaaS Edge is a distributed confidential access node component offered by the American company CyberArk. Versions of CyberArk Idira Secrets Manager SaaS Edge prior to version 1.8 contained an access control vulnerability. This vulnerability stemmed from improper acce...

9.1CVSS5.4AI score0.00503EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-48153

The RemoteControl API methods invite participants and remind participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

8.8CVSS5.8AI score0.00358EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/08 12:6 p.m.9 views

CVE-2026-7765 User Messages widget leaked issuer messages on shared dashboards

Incorrect authorization in the User Messages dashboard widget in Checkmk 2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing an attacker who knows a valid public dashboard share token to read the issuer's personal messages by...

6.3CVSS5.4AI score0.00187EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:18 p.m.12 views

CVE-2026-46401 HAX CMS PHP has Insufficient Session Expiration

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.0 suffer from an improper session termination vulnerability where authentication tokens remain valid after user logout. This allows attackers who obtain valid tokens to maintain persistent access to...

5.3CVSS5.5AI score0.00311EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/05 4:22 p.m.21 views

NocoDB: Missing Ownership Check in MCP Attachment Read

Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. Details The MCP readAttachment tool accepts...

2.3CVSS5.5AI score0.00209EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-47027

Name of the Vulnerable Software and Affected Versions UDS Identity Config versions 0.11.0 through 0.26.0 Description A logic error exists in the client-kubernetes-secret Keycloak client authenticator. This error causes the submitted client secret to be overwritten with the mounted Kubernetes secr...

10CVSS5.4AI score0.00341EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/04 9:20 a.m.44 views

CVE-2026-50214 Shared Secret Quota Inflation

The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans...

9.3CVSS0.00167EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 2:12 p.m.32 views

GHSA-2H32-95RG-CPPP Vitest browser mode serves unsanitized otelCarrier query parameter as inline script

Summary Vitest browser mode served /vitesttest/ with the otelCarrier query parameter inserted directly into an inline module script. Because this value was treated as JavaScript source rather than data, an attacker could craft a browser-runner URL that executes arbitrary JavaScript in the Vitest...

9.6CVSS6.1AI score0.00367EPSS
Exploits0References4
OSV
OSV
added 2026/06/01 11:39 a.m.8 views

BIT-ELK-2026-33463 Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access

Operation on a Resource after Expiration or Termination CWE-672 in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a time-bounded access token to remain usable beyond its intended validity window, enabling an unauthenticate...

5.3CVSS5.8AI score0.00238EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 6:52 p.m.8 views

CVE-2026-40166

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the clientsecret of confidential OAuth2 providers they have previously authenticated against, exposing...

7.1CVSS5.7AI score0.0046EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016635 advisory. Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending ...

4.3CVSS6.8AI score0.02013EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.17 views

PT-2026-42675

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description The OAuth token strategy attaches oauth scope and oauth granted resources to the request user, but the ACL Access Control List middleware fails to consult these values. Consequently, an OAuth toke...

2CVSS5.8AI score0.00151EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42634

Summary The OAuth token strategy attached oauth scope and oauth granted resources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited the full permissions of the underlying user across all routes; the...

2CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 2026/05/14 9:5 p.m.9 views

EUVD-2026-30487

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the public catalogue UI served at GET / file internal/api/handlers/v0/uiindex.html is vulnerable to stored cross-site scripting via the server.websiteUrl field of any published...

5.1CVSS5.8AI score0.00167EPSS
Exploits1References1
OSV
OSV
added 2026/05/12 8:17 p.m.3 views

CVE-2026-44010 Craft CMS: Missing Authorization in GraphQL Address Resolver Allows Cross-Scope PII Disclosure

Craft CMS is a content management system CMS. From 4.0.0 to before 4.17.12 and 5.9.18, the GraphQL Address element resolver src/gql/resolvers/elements/Address.php performs no schema scope filtering on top-level queries. A GraphQL API token scoped to a single low-privilege user group can read ever...

7.1CVSS6.6AI score0.00338EPSS
Exploits0References4
Rows per page
Query Builder