Lucene search
K

7 matches found

NVD
NVD
added 2026/05/19 11:16 p.m.22 views

CVE-2026-8491

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1...

3.7CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 10:28 p.m.19 views

CVE-2026-8491

CVE-2026-8491 involves an improper check in the Drupal Node View Permissions module that permits forceful browsing. Affected are Node View Permissions 0.0.0–1.6.x and 2.0.0–2.0.0, where cancelled users’ content reassigned to anonymous users could be exposed. Remediation: upgrade to 1.7.0 (for 0.0...

3.7CVSS5.8AI score0.00214EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

Apollo MCP Server 访问控制错误漏洞

The Apollo MCP Server is an open-source service from Apollo GraphQL that exposes GraphQL operations as AI tools. Versions of the Apollo MCP Server prior to 1.7.0 contained a access control vulnerability. This vulnerability stemmed from the lack of validation of the Host header in incoming HTTP...

8.1CVSS5.8AI score0.00182EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/26 9:31 p.m.8 views

EUVD-2026-16393

Cross-Site Request Forgery CSRF vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2...

5.8AI score0.00109EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/26 8:10 p.m.3 views

CVE-2026-4393 Automated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030

Cross-Site Request Forgery CSRF vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2...

5.9AI score0.00109EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.7 views

Apache HertzBeat 安全漏洞

Apache HertzBeat is a tool from Apache USA that monitors various components. A security vulnerability exists in Apache HertzBeat versions prior to 1.7.0, which stems from an XML parsing vulnerability that could lead to remote code execution...

8.8CVSS7.7AI score0.00486EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/16 12:0 a.m.5 views

Apache CouchDB Remote Code Execution Vulnerability

Apache CouchDB is the United States Apache Apache Software Foundation , a free , open source , document-oriented database , is a use of JSON as a storage format , JavaScript as a query language , MapReduce and HTTP as the API of the NoSQL database . A remote code execution vulnerability exists in...

9CVSS8.6AI score0.90602EPSS
Exploits15References1
Rows per page
Query Builder