Lucene search
K

5 matches found

CVE
CVE
added 2026/07/06 9:4 p.m.11 views

CVE-2026-32718

Summary: Coolify prior to 4.0.0-beta.466 exposes a vulnerability where mutating API validation endpoints are protected only by read privileges, allowing read-scoped API tokens to perform state-changing actions (e.g., validating cloud tokens and servers). What’s affected: Coolify (self-hosted) wit...

6.5CVSS5.9AI score0.00213EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 9:4 p.m.3 views

CVE-2026-32718 Coolify read-scoped API tokens can perform state-changing validation operations

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, mutating API validation endpoints are guarded by read ability, allowing read-scoped API tokens to perform state-changing operations such as validating cloud tokens and...

6.5CVSS5.9AI score0.00213EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/29 7:59 a.m.54 views

CVE-2026-10052 Quay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpoints

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS0.00186EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31750

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00569EPSS
Exploits1References2
Veracode
Veracode
added 2021/04/13 3:33 p.m.29 views

Denial Of Service (DoS)

matrix-synapse is vulnerable to denial of service. The vulnerability exists due to missing input validation of some parameters on the endpoints used to confirm third-party identifiers...

6.5CVSS4.5AI score0.01538EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder