CVE-2026-44321

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...

CVE-2026-44321

The CVE concerns free5GC SMF (v4.2.x) where the UPI route group lacked inbound OAuth middleware, allowing an unauthenticated POST to /upi/v1/upNodesLinks to trigger a validation failure that calls Fatalf, terminating the entire SMF process. Specifically, an attacker-controlled JSON payload can tr...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from SMF failing to include the necessary inbound OAuth2 middleware when mounting UPI management routing groups. Th...

CVE-2023-24215

Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request...

CVE-2020-37222

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

CVE-2026-39803

CVE-2026-39803 – Bandit (Elixir) memory exhaustion via chunked HTTP/1 bodies. The issue occurs in the chunked path of Elixir.Bandit.HTTP1.Socket.read_data/2 where the caller-supplied length is ignored; every received chunk is buffered into an iolist and the entire body is materialized as a single...

mem0 server lacks authentication and authorization controls for its memory creation API endpoint

The mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint POST /memories. The endpoint allows unauthenticated users to submit arbitrary memory records without verifying their identity or permissions. A remote attacker can exploit this by sending...

GHSA-GX3V-WXFJ-8H24 Eclipse BaSyx Java Server SDK vulnerable to Server-Side Request Forgery

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

CVE-2026-41472 CyberPanel < 2.4.4 Stored XSS via AI Scanner Dashboard

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findingsjson field of...

CVE-2026-4139 mCatFilter <= 0.5.2 - Cross-Site Request Forgery via compute_post() Function

The mCatFilter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.5.2. This is due to the complete absence of nonce verification and capability checks in the computepost function, which processes settings updates. The computepost function is...

EUVD-2026-23498

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings e.g., enabling SSH, allowing unauthorized state changes that can facilitate later compromise...

EUVD-2026-23480

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

CVE-2026-40461

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings e.g., enabling SSH, allowing unauthorized state changes that can facilitate later compromise...

CVE-2026-33093

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

CVE-2026-40461 Anviz Products Missing Authentication for Critical Function

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings e.g., enabling SSH, allowing unauthorized state changes that can facilitate later compromise...

CVE-2026-40461

CVE-2026-40461 affects Anviz CX2 Lite and CX7. The flaw allows unauthenticated POST requests to modify debug settings (e.g., enabling SSH), causing unauthorized state changes that can facilitate later compromise. According to the provided documents, affected components are the devices’ debug/admi...

CVE-2026-40461

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings e.g., enabling SSH, allowing unauthorized state changes that can facilitate later compromise...

CVE-2026-33093 Anviz Products Missing Authorization

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

CVE-2026-33093

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

CVE-2026-33093

CVE-2026-33093 — Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that triggers the front-facing camera to capture a photo, exposing visible information about the deployment environment. Affected product: Anviz CX7 Firmware. Reported impact: confidentiality loss (low) wit...