
7 matches found

RedhatCVE
added 2026/04/08 7:34 p.m. | 1 views

CVE-2026-39355

Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary non-personal teams to themselves. This enables complete takeover of other users’ team workspaces...

CVSS 9.9 | AI score 6.1 | EPSS 0.00053
Exploits: 1 | References: 1
Vulnrichment
added 2026/04/07 6:56 p.m. | 2 views

CVE-2026-39355 Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control)

Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary non-personal teams to themselves. This enables complete takeover of other users’ team workspaces...

CVSS 9.9 | AI score 6.1 | EPSS 0.00053
Exploits: 1 | References: 1
NVD
added 2026/01/28 8:16 p.m. | 2 views

CVE-2025-68933

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, non-admin moderators with the `moderators_change_post_ownership` setting enabled can change ownership of posts in private messages and restricted categories they cannot access, then export...

CVSS 6.9 | EPSS 0.00051
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-0255

Malware in sbrugna...

CVSS 8.7 | AI score 8.5 | EPSS 0.00264
Exploits: 0 | References: 4
Code423n4
added 2022/08/07 12:0 a.m. | 9 views

The lazy update of _currentProxies results in non-owners being able to execute functions that require owner privileges

Lines of code. Vulnerability details. Impact: In the MIMOProxyRegistry contract, the getCurrentProxy function returns the address of the mimoProxy contract corresponding to the owner's address in currentProxies. function getCurrentProxy(address owner) external view override returns (IMIMOProxy proxy)...

AI score 6.9
Exploits: 0
Hacker One
added 2020/09/18 6:33 a.m. | 39 views

Shopify: Privilege Escalation in Point Of Sale Application from POS Manage Staff Role to potentially Store Owner

I was playing a bit with the Point Of Sale application and it came to my attention that it is possible to navigate from the Point Of Sale Application up to the Plan & Permission in the admin. I am not sure if this is intentional, but since it leads to potentially taking over a shop, I'm reporting i...

AI score 0.4
Exploits: 0
Github Security Blog
added 2020/01/30 11:55 p.m. | 77 views

Malicious takeover of previously owned ENS names

Impact: A user who owns an ENS domain can set a "trapdoor", allowing them to transfer ownership to another user, and later regain ownership without the new owner's consent or awareness. Patches: A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry. The registry...

CVSS 8.7 | AI score 3.5 | EPSS 0.00264
Exploits: 0 | References: 4 | Affected Software: 1