Lucene search
+L

74 matches found

Cvelist
Cvelist
added yesterday12 views

CVE-2026-7872 Path Traversal Vulnerability in File Component Leading to Arbitrary File Read and Authentication Bypass

IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files including the JWT signing key and forge authentication tokens for any user...

7.5CVSS
Exploits0References1
CVE
CVE
added yesterday18 views

CVE-2026-7872

Summary: The vulnerability CVE-2026-7872 affects Langflow OSS 1.0.0–1.10.0, via a path traversal flaw in the File component’s tar archive extraction. An authenticated attacker can craft a tar with symbolic links, bypassing validation and causing extraction to create links outside the intended dir...

7.5CVSS5.5AI score
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-54733

The Moodle integration for Microsoft 365/Entra ID (local_o365) is vulnerable prior to 4.5.6, 5.0.5, and 5.1.1. The Teams SSO endpoint sso_login.php base64-decodes a JWT payload and authenticates users based on the upn claim without verifying the JWT signature, enabling an unauthenticated attacker...

9.3CVSS6.1AI score0.00915EPSS
Exploits0References7
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-56451

A vulnerability has been identified in Opcenter X All versions V2604. Affected applications do not properly validate the algorithm specified in the JSON Web Token JWT header. This could allow an unauthenticated remote attacker to forge arbitrary JWT, bypass authentication mechanisms and impersona...

10CVSS0.00384EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 5:48 p.m.32 views

CVE-2026-50160

Hoppscotch self-hosted deployments (Hoppscotch-backend

10CVSS6.1AI score0.0059EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/06/21 1:26 p.m.11 views

EUVD-2026-38170

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.8CVSS5.9AI score0.00407EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 a.m.13 views

CVE-2026-48526

A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

7.4CVSS5.5AI score0.00394EPSS
Exploits1References4
Snyk
Snyk
added 2026/05/28 4:50 p.m.10 views

Unintended Proxy or Intermediary ('Confused Deputy')

Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the uri parameter being passed directly to urllib.request.urlopen, which allows fetching resources using unsupported schemes such as file, ftp, and data. An attacker can access...

4.8CVSS5.9AI score0.00181EPSS
Exploits1References2
CVE
CVE
added 2026/05/16 3:28 p.m.20 views

CVE-2021-47942

CVE-2021-47942 concerns Home Assistant Community Store (HACS) 1.10.0. The vulnerability is a path traversal flaw exposed via the /hacsfiles/ endpoint, allowing unauthenticated attackers to read sensitive files (notably .storage/auth) and retrieve credentials/refresh tokens. With this access, an a...

8.7CVSS5.8AI score0.00498EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/30 8:48 p.m.12 views

CVE-2026-6911

Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the...

9.8CVSS5.4AI score0.00254EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/27 11:32 p.m.125 views

Exploit for Authentication Bypass by Spoofing in Python-Jwt_Project Python-Jwt

CVE-2022-39227 JWT Authentication Bypass Demo Project Goal...

9.1CVSS5.4AI score0.0366EPSS
Exploits2
Cvelist
Cvelist
added 2026/04/27 2:21 p.m.36 views

CVE-2026-40514 SmarterTools SmarterMail < Build 9610 Cryptographic Weakness via Weak RNG

SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000...

8.2CVSS0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 5:57 p.m.58 views

CVE-2026-39911 Hashgraph Guardian 3.5.1 Unsandboxed JavaScript Execution RCE

Hashgraph Guardian through version 3.5.1, fixed in commit 45fbe2f, contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directl...

8.8CVSS0.00545EPSS
Exploits0References3
CVE
CVE
added 2026/04/07 4:50 p.m.29 views

CVE-2026-23696

Windmill CVE-2026-23696 affects Windmill CE/EE versions 1.276.0–1.603.2. The vulnerability is an SQL injection in the folder ownership management functionality that can be triggered by an authenticated user via the owner parameter, enabling reading of sensitive data (e.g., JWT signing secret and ...

9.9CVSS6.4AI score0.05064EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.10 views

PT-2026-30914

Name of the Vulnerable Software and Affected Versions Windmill CE and EE versions 1.276.0 through 1.603.2 Description Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality. Authenticated attackers can inject SQL...

9.9CVSS6.4AI score0.05064EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.14 views

LoLLMs 安全漏洞

LoLLMs is a large language and multimodal system personally developed by Saifeddine ALOUI. Version 2.1.0 of LoLLMs contains a security vulnerability. This vulnerability arises from the use of weak keys for signing JSON Web Tokens, leading to improper access control. This could allow attackers to...

9.8CVSS7.3AI score0.0054EPSS
Exploits1References2
CVE
CVE
added 2026/04/02 3:6 p.m.16 views

CVE-2026-33746

Convoy (KVM server management panel) is vulnerable in versions 3.9.0-beta through

9.8CVSS5.9AI score0.003EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29788

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

9.8CVSS5.9AI score0.003EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/31 3:44 p.m.3 views

CVE-2026-34240

JOSE is a Javascript Object Signing and Encryption JOSE library. Prior to version 0.3.5+1, a vulnerability in jose could allow an unauthenticated, remote attacker to forge valid JWS/JWT tokens by using a key embedded in the JOSE header jwk. The vulnerability exists because key selection could tre...

7.5CVSS5.8AI score0.0013EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.5 views

CVE-2026-33322

MinIO is a high-performance object storage system. From RELEASE.2022-11-08T05-27-07Z to before RELEASE.2026-03-17T21-25-16Z, a JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the OIDC ClientSecret to forge arbitrary identity tokens and...

9.2CVSS5.8AI score0.0041EPSS
Exploits0References1
Rows per page
Query Builder