CVE-2026-45080 Klaw: Improper Access Control Allows Disclosure of Password Hash

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...

CVE-2026-45080

Klaw (the self-service Apache Kafka Topic Management/Governance portal) is affected prior to version 2.10.4 by improper access control that can disclose password hashes. The issue is resolved in version 2.10.4. Affected software/components: Klaw; root cause: improper access control leading to pas...

CVE-2026-44367

Klaw (self-service Apache Kafka Topic Management/Governance tool) is affected prior to v2.10.4 by inconsistent case-sensitivity handling in user registration and login, enabling targeted DoS and complete account lockout. Root cause: username case handling leads to lockout conditions. Impact: Deni...

PT-2026-45782

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...

PT-2026-45781

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, a vulnerability exists in the user registration and login mechanisms due to inconsistent handling of username case sensitivity, leading to a targeted Denial of Service DoS and complete account...

CVE-2022-0940

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4...

CVE-2022-0937

Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4...

CVE-2022-0942

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4...

CVE-2022-0951

File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4...

CVE-2022-0946

Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4...

CVE-2022-0938

Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4...

EUVD-2016-10079

Malware in sbrugna...

EUVD-2022-1495

Malicious code in bioql PyPI...

EUVD-2022-1485

Malicious code in bioql PyPI...

EUVD-2022-1568

Malicious code in bioql PyPI...

EUVD-2024-53176

Malicious code in bioql PyPI...

EUVD-2022-1511

Malicious code in bioql PyPI...

EUVD-2022-1544

Malicious code in bioql PyPI...

CVE-2024-56511

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...

CVE-2024-43218

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mediavine Mediavine Control Panel mediavine-control-panel.This issue affects Mediavine Control Panel: from n/a through = 2.10.4...