4966 matches found
XWiki Platform - Information Disclosure
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 6.1-milestone-2 through 16.10.6, configuration files are accessible through the webjars API. id: CVE-2025-55747 info: name: XWiki Platform - Information Disclosure author: Redmomn...
Dgraph <= 25.3.2 - Admin Token Disclosure
Dgraph = 25.3.2 contains an information disclosure caused by unauthenticated access to the /debug/vars endpoint , which publishes the cmdline variable including the --security token= flag, letting unauthenticated remote attackers retrieve the admin token and access admin-only endpoints, exploit...
CVE-2026-15488
A vulnerability was determined in hcr707305003 shiroiAdmin 1.1/1.3. Affected is the function FileController::upload of the file app/common/controller/FileController.php. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit...
EUVD-2026-43210
A vulnerability was determined in hcr707305003 shiroiAdmin 1.1/1.3. Affected is the function FileController::upload of the file app/common/controller/FileController.php. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit...
CVE-2026-15488
The CVE affects hcr707305003 shiroiAdmin versions 1.1/1.3 where FileController.php (FileController::upload) can be manipulated to trigger an unrestricted file upload. This could be exploited remotely. A public exploit exists. Upgrade to version 1.4 to address the issue (patch 3ecde28ea8a20a3840db...
Security update for perl-CGI-Session (moderate)
openSUSE Security Update: Security update for perl-CGI-Session Announcement ID: openSUSE-SU-2026:0240-1 Rating: moderate References: 1269983 Cross-References: CVE-2026-56016 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This...
CVE-2026-40452
Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB. Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users. This issue affects Apache IoTDB: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users are recommended to...
CVE-2026-40009 Apache IoTDB: Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditor
Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...
EUVD-2026-42835
Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via improper validation of input in the --write-link, --write-url-link,...
Improper Neutralization
Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Improper Neutralization via the DomainNameValidator process. An attacker can inject arbitrary HTTP headers by submitting input...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the notification URL validation process. An attacker can access internal network resources and potentially expose sensitive internal data by configuring notification URLs to point to hostnames that...
PYSEC-2026-1148 Improper Certificate Validation vulnerability in Apache Airflow FTP Provider
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTPTLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.createdefaultcontext during FTPTLS...
PYSEC-2026-1130 Apache Airflow missing Certificate Validation
Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected by the Validation of OpenSSL Certificate vulnerability. The default SSL context with SSL library did not check a server's X.509 certificate. Instead, the code accepte...
CVE-2026-49296
CVE-2026-49296 (Apache Airflow) : Affected versions before 3.3.0 expose the full source of co-located DAGs when reading a single DAG via GET /api/v2/dagSources/{dag_id} or the UI view, bypassing per-DAG read controls. This can disclose multiple DAG sources from the same file to authorized readers...
CVE-2026-48891 Apache Airflow: /ui/dependencies scheduling graph leaks unreadable Dag identifiers via trigger/sensor dep.source/dep.target
A bug in Apache Airflow's /ui/dependencies scheduling graph endpoint applied the caller's readable-Dag filter to the top-level serialized Dag key but still emitted referenced Dag IDs through the dep.source and dep.target fields of trigger / sensor dependency entries. An authenticated UI user with...
HTML injection in Diagram tab and Graph view in Guardian/CMC before 26.2.0
Summary A Stored HTML Injection vulnerability was discovered in the Diagram tab and Graph view due to a shared input validation function being insufficiently restrictive. Impact An authenticated user with administrative privileges can inject malicious HTML tags into N2OS configuration data throug...
PT-2026-56180
Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.3.0 Description The REST API task-instance detail and list endpoints return a deferred task's trigger kwargs without masking. This allows any authenticated user with DAG-scoped task-instance read access to vi...
Incorrect Implementation of Authentication Algorithm
Overview org.postgresql:postgresql is a Java JDBC 4.2 JRE 8+ driver for PostgreSQL database. Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm in the ScramAuthenticator class, which fails open by confirming only that the server advertised a...
CVE-2026-14471 Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry
Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted tablename value that is interpolated into SQL statements in...