
5 matches found

CVE
added 2026/05/22 6:52 p.m., 31 views

CVE-2026-40166

authentik contains an elevation of privilege in its OAuth2 access_tokens API (GET /api/v3/oauth2/access_tokens/) where authenticated non-admin users with at least one OAuth2 access token can retrieve the client_secret of confidential providers they previously authenticated against. This exposed i...

CVSS 7.1, AI score 5.7, EPSS 0.00373
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-48460

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.3, EPSS 0.00403
Exploits: 0, References: 1

RedhatCVE
added 2025/05/23 9:51 a.m., 6 views

CVE-2024-7554

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specif...

CVSS 6.5, AI score 6.6, EPSS 0.00403
Exploits: 0, References: 1

OSV
added 2025/01/08 8:2 p.m., 2 views

CVE-2025-0194 Insertion of Sensitive Information into Externally-Accessible File or Directory in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API requests were made in a specific manner...

CVSS 6.5, AI score 6.4, EPSS 0.0047
Exploits: 1, References: 5

Debian CVE
added 2025/01/08 8:2 p.m., 7 views

CVE-2025-0194

Removed by vendor...

CVSS 6.5, AI score 5.8, EPSS 0.0047
Exploits: 1