Lucene search
K

269 matches found

CVE
CVE
added 5 days ago19 views

CVE-2026-59224

Open WebUI vulnerability CVE-2026-59224 affects versions prior to 0.10.0. The issue: in backend/open_webui/routers/terminals.py, the ws_terminal upstream URL is built from an unencoded session_id and appends user_id as a query parameter, enabling query injection to make the terminal backend resol...

8CVSS6AI score0.00286EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42636

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/openwebui/routers/terminals.py built the wsterminal upstream URL from an unencoded sessionid and appended userid as a query parameter, allowing query injection to make the terminal backe...

8CVSS6AI score0.00286EPSS
Exploits0References4
NVD
NVD
added 2026/07/04 9:17 p.m.9 views

CVE-2026-14653

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument userid causes sql injection. Remote exploitation of the attack is possible. The exploit has...

7.5CVSS0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 2:3 p.m.36 views

CVE-2026-46406 Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write

Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...

4.4CVSS0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 2:16 p.m.13 views

CVE-2026-56242

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...

8.7CVSS0.00259EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/21 1:26 p.m.4 views

CVE-2026-56242

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...

8.7CVSS5.9AI score0.00259EPSS
Exploits0References3
OSV
OSV
added 2026/06/17 6:55 p.m.7 views

MAL-2026-6069 Malicious code in @civitatis/bot-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e51e58cf925eb7dd4e084a2e78e22b0a0db0f1f82663101e34110258839f98f7 The package declares "preinstall": "node index.js" in package.json, causing index.js to execute automatically on npm install. index.js requires...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/06/09 5:36 p.m.13 views

MAL-2026-5427 Malicious code in @payment-review/store (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d624eaefbb0245bf0c9a7b598c461a3ba5ec48005cfec223898062741ef8c2e package.json declares preinstall: node index.js || true, so installing the package automatically runs index.js on npm install. The script collects ho...

5.5AI score
Exploits0References2
CVE
CVE
added 2026/05/26 7:45 p.m.20 views

CVE-2026-9579

Summary: CVE-2026-9579 affects JeecgBoot

6.5CVSS6.2AI score0.00209EPSS
Exploits0References7
OSV
OSV
added 2026/05/22 5:48 p.m.5 views

GHSA-97R5-PG8X-P63P Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

5.8AI score0.00035EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/22 5:48 p.m.18 views

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

5.8AI score0.00035EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/22 12:0 a.m.10 views

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth identity...

5.8AI score0.00035EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/09 4:15 a.m.7 views

CVE-2026-42560

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. ...

9.1CVSS5.7AI score0.00417EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/05/01 2:16 p.m.66 views

CVE-2026-31717

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

8.8CVSS0.00437EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.12 views

Duplicate Advisory: uutils coreutils's User Interface (UI) Misrepresents Critical Information

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xv5w-cw7x-72gj. This link is maintained to preserve external references. Original Description The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and...

3.3CVSS5.9AI score0.00123EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils, which stems from incorrect behavior when the real UID and the effective UID differ. This could lead to automated scripts or system administrators making...

3.3CVSS5.8AI score0.00123EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/17 9:25 p.m.11 views

EUVD-2026-7736

Sentry: Improper authentication on SAML SSO process allows user identity linking...

9.1CVSS5.8AI score0.00435EPSS
Exploits0References3
OSV
OSV
added 2026/03/30 5:35 p.m.16 views

GHSA-2MG4-PFGX-64CF AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()

Summary The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...

5.4CVSS5.9AI score0.00247EPSS
Exploits1References4
OSV
OSV
added 2026/02/23 6:23 p.m.4 views

GO-2026-4525 Mattermost Plugin Zoom fail to validate user identity and post ownership in the {{/api/v1/askPMI}} endpoint in github.com/mattermost/mattermost-plugin-zoom

Mattermost Plugin Zoom fail to validate user identity and post ownership in the /api/v1/askPMI endpoint in github.com/mattermost/mattermost-plugin-zoom...

4.3CVSS5.4AI score0.00152EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/16 12:30 p.m.7 views

Mattermost Plugin Zoom fail to validate user identity and post ownership in the {{/api/v1/askPMI}} endpoint

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate user identity and post ownership in the /api/v1/askPMI endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via...

4.3CVSS5.7AI score0.00152EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder