2 matches found
CVE-2026-24124
Dragonfly CVE-2026-24124 describes an unauthenticated access flaw in the Manager Job API. In versions 2.4.1-rc.0 and earlier, the Job API endpoints under /api/v1/jobs lack JWT authentication middleware and RBAC checks, allowing unauthenticated users with Manager API access to view, create, modify...
Rundeck Security Breach
Rundeck is an open source automation service with a web console, command line tools, and webAPI from Rundeck Inc. in the United States, which is primarily used to run automation tasks. A security vulnerability exists in Rundeck versions prior to 4.17.3, which stems from a vulnerability that could...