575651 matches found
CVE-2026-54458
WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page th...
CVE-2026-55445
Qinglong is a timed task management platform supporting Python3, JavaScript, Shell, and Typescript. Prior to 2.20.1, the init guard middleware in back/loaders/express.ts checks /api/user/init but not /open/user/init, while rewrite'/open/', '/api/$1' rewrites the whitelisted /open/ path after JWT...
CVE-2026-55234
Wekan (open source Kanban on Meteor) has a cross-board write flaw in versions before 9.37. The DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js validate only the stored boardId and do not verify a new boardId in the update mod...
CVE-2026-52892
Summary: CVE-2026-52892 affects Wekan, an open‑source Kanban app built on Meteor. Before version 9.32, REST handlers in server/models/customFields.js checked read‑level access (Authentication.checkBoardAccess) for mutating custom-field routes, instead of write‑level access (Authentication.checkBo...
CVE-2026-50182
Summary (CVE-2026-50182) WWBN AVideo (API + YouTubeAPI + Layout plugins) is affected. Versions prior to 29.0 contain an unauthenticated Reflected XSS via the $_GET['search'] parameter used in the YouTubeAPI gallery pagination. The payload is injected into the hrefs of the previous/next page links...
CVE-2026-62361
CVE-2026-62361 affects listmonk prior to version 6.2.0. The vulnerability arises in the GET /api/subscribers/export endpoint, which injects a user-controlled query parameter into QuerySubscribersForExport without calling validateQueryTables, unlike GET /api/subscribers. An authenticated user with...
CVE-2026-62312
CVE-2026-62312 affects 9Router, an AI router & token saver. Before v0.5.2, an authenticated remote attacker can achieve arbitrary code execution on the host by abusing a Host header bypass of localhost-only routes in combination with unvalidated MCP plugin arguments passed to child_process.spawn(...
CVE-2026-56679
9Router (AI router & token saver) contains a mass-assignment vulnerability in PATCH /api/settings prior to version 0.5.4. The endpoint writes the entire request body to persistent settings without a field whitelist, enabling an authenticated user to modify security-critical fields such as require...
CVE-2026-54052
n8n-MCP (HTTP mode with multi-tenancy enabled via ENABLE_MULTI_TENANT=true) is affected prior to version 2.56.1. An authenticated tenant could read and delete other tenants’ workflow version backups, including full node definitions, credential references, and authorization headers, due to backups...
CVE-2026-55399
CVE-2026-55399 affects the Secure Access publisher prior to version 14.55. It is a resource-exhaustion vulnerability where attackers with valid credentials to the Secure Access tunnel can trigger a non-persistent DoS against the publisher. CVSS v4.0 base score is 5.1 (Medium), with network attack...
CVE-2026-52870
The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. From 1.23.0 until 1.27.2, default handlers installed by server.experimental.enabletasks for tasks/list, tasks/get, tasks/result, and tasks/cancel operate only on task identifiers without recordin...
CVE-2026-55398
CVE-2026-55398 is a memory management vulnerability in Secure Access clients and servers prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a non-persistent DoS on the server. CVSS v4 base score 6.9 (Medium) with network attack, low complexit...
CVE-2026-40956
CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...
CVE-2026-40958
CVE-2026-40958 is a input validation error in Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40957
o CVE-2026-40957 is a frameable content vulnerability in the Secure Access server login page prior to 14.55. Attackers with control of a malicious web site could use it to potentially steal credentials from an unwary administrator...
CVE-2026-40955
CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40954
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...
CVE-2026-40953
CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...
CVE-2026-40952
CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...
CVE-2026-33443
CVE-2026-33443 is a memory management error in Secure Access servers prior to 14.55. Attackers with an intimate knowledge of and total control over the tunnel protocol can create a persistent DoS against the server...