Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.9 views

CVE-2026-29200

A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user account of other tenants on the same server via a vulnerable API call...

9.9CVSS5.4AI score0.00297EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 4:42 p.m.8 views

CVE-2026-47107

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

9.6CVSS6AI score0.0024EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:42 a.m.6 views

CVE-2026-29200

A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user account of other tenants on the same server via a vulnerable API call...

9.9CVSS5.8AI score0.00297EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/21 6:27 p.m.12 views

OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation

Impact OpenBao's namespaces provide multi-tenant separation. A tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. Patches This was addressed in v2.5.3...

2.7CVSS5.8AI score0.00301EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/08/25 4:17 p.m.8 views

CVE-2025-6737 Securden Unified PAM Shared SSH Key and Cloud Infrastructure

Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. A malicious actor can obtain authentication material and access the gateway server with low-privilege permissions...

7.2CVSS0.00244EPSS
Exploits0References1
Rows per page
Query Builder