1408 matches found
CVE-2026-25892
Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...
CVE-2026-25892
Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...
CVE-2026-25814
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into DynamoDB query/filter construction without validation or sanitization...
CVE-2026-25811
CVE-2026-25811 affects PlaciPy 1.0.0. Root cause: tenant identifiers are derived from user email domains without validating domain ownership/registration, enabling cross-tenant data access. Impact is cross-tenant data exposure; CVSS notes indicate high confidentiality/integrity impact in some vec...
CVE-2026-25809
CVE-2026-25809 affects PlaciPy 1.0.0. The code evaluation endpoint does not validate the assessment lifecycle state (whether started, expired, or submission window open), potentially allowing execution without proper sequencing. This is documented across multiple feeds (NVD, Red Hat, CVE records,...
CVE-2026-25057
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration courses//assignments/uploadconfigfiles. The uploaded zip file entry names are used to create paths to...
CVE-2026-25566 WeKan < 8.19 Cross-board Card Move Without Destination Authorization
WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially...
CVE-2026-25566
The connected documents confirm a concrete vulnerability in WeKan versions prior to 8.19: an authorization flaw in the card move logic allows a user to specify a destination board, list, or swimlane without proper authorization checks and without validating that the destination items belong to th...
CVE-2026-1082 TITLE ANIMATOR <= 1.0 - Cross-Site Request Forgery to Settings Update
The TITLE ANIMATOR plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the settings page form handler in inc/settings-page.php. This makes it possible for unauthenticated attackers to modify plugin...
CVE-2025-15491
The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as with contributor or higher roles to perform LFI attacks...
PT-2026-6692
Name of the Vulnerable Software and Affected Versions Code Snippets plugin for WordPress versions up to and including 3.9.4 Description The Code Snippets plugin for WordPress is susceptible to Cross-Site Request Forgery. This is a result of a lack of nonce validation on the cloud snippet download...
GHSA-R7X9-8PH7-W8CG Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing
Summary An Insecure Direct Object Reference CWE-639 has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation o...
RustFS has SourceIp bypass via spoofed X-Forwarded-For/Real-IP headers
Summary IP-based access control can be bypassed: getconditionvalues trusts client-supplied X-Forwarded-For/X-Real-Ip without verifying a trusted proxy, so any reachable client can spoof aws:SourceIp and satisfy IP-allowlist policies. Details - Vulnerable code: rustfs/src/auth.rs:289-304 sets...
CVE-2026-1664 Insecure Direct Object Reference (IDOR) via Header-Based Email Routing
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
EUVD-2026-5291
The Mail Mint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19.2. This is due to missing nonce validation on the createorupdatenote function. This makes it possible for unauthenticated attackers to create or update contact notes via a...
CVE-2026-24935
A third-party NAT traversal module fails to validate SSL/TLS certificates when connecting to the signaling server. While subsequent access to device services requires additional authentication, a Man-in-the-Middle MitM attacker can intercept or redirect the NAT tunnel establishment. This could...
WordPress plugin Mail Mint 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
EUVD-2025-206702
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via insufficient validation of the return parameter in the OAuth login initialization endpoint. An attacker can redirect users to external malicious websites by crafting a specially crafted authentication URL. Remediation...
CVE-2025-14616
The Recooty – Job Widget Old Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6. This is due to missing nonce validation on the recootysavemaybe function. This makes it possible for unauthenticated attackers to update the...