Lucene search
K

421 matches found

OSV
OSV
added 2026/05/08 7:38 p.m.11 views

GHSA-HR43-RJMR-7WMM Open WebUI's Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other Users' Accounts

Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other Users' Accounts Affected Component Folder creation endpoint and form model: - backend/openwebui/models/folders.py lines 72-77, FolderForm with extra='allow' - backend/openwebui/models/folders.py lines 95-106,...

5CVSS6AI score0.00287EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39254

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The UDR nudr-dr handler in free5GC contains an issue where a single authenticated request can cause a panic. This occurs when a request is made to the endpoint "DELETE...

6.5CVSS5.8AI score0.0042EPSS
Exploits1References8
The Hacker News
The Hacker News
added 2026/05/06 6:14 a.m.20 views

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The vulnerability, tracked as CVE-2026-0300 , has been described as a case of unauthenticated remote code execution. It carries a CVSS score of...

9.3CVSS6.8AI score0.36157EPSS
Exploits6
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Flowise 授权问题漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise 3.0.12 and earlier contained an authorization vulnerability. This vulnerability stemmed from issues with the operations of the parameter userId/organizationId/workspaceId/emai...

5.3CVSS5.8AI score0.00293EPSS
Exploits1References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/05/06 12:0 a.m.23 views

Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability

Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal aka Captive Portal service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted...

9.8CVSS6.4AI score0.36157EPSS
In wildExploits6
OSV
OSV
added 2026/05/05 10:4 p.m.4 views

GHSA-FG3J-5W9G-HMG7 authd: Primary group ID is incorrectly set to value of UID

authd 0.6.0 contains a bug which can lead to an incorrect primary group ID. It affects users whose primary group ID i.e. the GID in the user record differs from their UID. There are two ways which can lead to this: 1. The user was created with authd &2 continue fi if "$OLDGID"...

7.3CVSS5.8AI score0.0011EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/05 10:2 p.m.9 views

AVideo: Unauthenticated User Enumeration in objects/users.json.php via isCompany Parameter Allows Bypass of the Admin-Only Listing Restriction

Summary objects/users.json.php exposes two unauthenticated paths that disclose the full set of registered user accounts. The isCompany request parameter causes the handler to set $ignoreAdmin = true for any non-admin caller including unauthenticated visitors, which defeats the admin-only guard...

5.3CVSS5.8AI score0.0027EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.8 views

CVE-2026-7638

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...

5.3CVSS5.9AI score0.00306EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/30 8:47 p.m.9 views

auth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonation

Summary The Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. In practice, this means all Patreon-authenticated users of an application using this library are collapsed into a...

9.1CVSS5.8AI score0.00417EPSS
Exploits0References6Affected Software2
EUVD
EUVD
added 2026/04/22 6:31 p.m.7 views

EUVD-2026-24982

The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p preserve flag, the utility applies the source mode bits even if the chown operation is unsuccessful. This can result in a user-owned copy retaining origin...

6.6CVSS5.7AI score0.00125EPSS
Exploits1References2
NVD
NVD
added 2026/04/22 5:16 p.m.8 views

CVE-2026-35371

The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleadi...

3.3CVSS0.00123EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:8 p.m.4 views

CVE-2026-35350

The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p preserve flag, the utility applies the source mode bits even if the chown operation is unsuccessful. This can result in a user-owned copy retaining origin...

6.6CVSS5.7AI score0.00125EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.12 views

PT-2026-34507

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The id utility exhibits incorrect behavior in its pretty print output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the...

3.3CVSS6AI score0.00123EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-35371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The id utility in uutils coreutils exhibits incorrect behavior in its pretty print output when the real UID and effective UID differ. The implementation...

3.3CVSS5.5AI score0.00123EPSS
Exploits1References3
Circl
Circl
added 2026/04/17 9:22 p.m.2 views

GHSA-89MQ-229G-X47P

creationtimestamp| type| source ---|---|--- 2026-04-17 21:22:46+00:00| seen| Telegram/o-uTgZiWLI4DGr-3Qx2v6r5S9u58WJIjtqdTFR62kB0PIWs...

4.8AI score
Exploits0
CVE
CVE
added 2026/04/10 6:15 p.m.15 views

CVE-2026-33702

Chamilo LMS before 1.11.38 and 2.0.0-RC.3 contains an IDOR in lp_ajax_save_item.php where a uid is read from $_REQUEST and used to load/modify another user’s Learning Path progress (score, status, completion, time) without verifying the requester’s identity. Any authenticated course-enrolled user...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/10 6:15 p.m.20 views

CVE-2026-33702 Chamilo LMS has an Insecure Direct Object Reference (IDOR)

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Reference IDOR vulnerability in the Learning Path progress saving endpoint. The file lpajaxsaveitem.php accepts a uid user ID parameter directly from $REQUEST and uses it t...

7.1CVSS0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/09 10:15 p.m.24 views

CVE-2026-5985 code-projects Simple IT Discussion Forum crud.php sql injection

A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument userId results in sql injection. The attack may be performed from remote. The exploit has been released to the...

7.5CVSS0.00254EPSS
Exploits0References5
CVE
CVE
added 2026/04/09 10:15 p.m.12 views

CVE-2026-5985

CVE-2026-5985 affects code-projects Simple IT Discussion Forum 1.0. The vulnerable component is the /crud.php file, where manipulation of the user_Id argument leads to SQL injection. The issue is exploitable remotely and exploit code is publicly available (proof-of-concept). Documents do not spec...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
OSV
OSV
added 2026/04/09 8:27 a.m.7 views

SUSE-RU-2026:1228-1 Recommended update for shadow

This update for shadow fixes the following issues: shadow is updated to 4.17.2 to bring lots of features and bug fixes. - util-linux-2.41 introduced new variable: LOGINENVSAFELIST. Recognize it and update dependencies. - Set SYSUID,GIDMIN to 201: After repeated similar requests to change the ID...

5.5CVSS6.8AI score0.00308EPSS
Exploits0References17
Rows per page
Query Builder