72 matches found
CVE-2026-9095
Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/samlsp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user session. There is no assertion ID cache, OneTimeUse condition enforcemen...
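An added example of the replay check the CVE-2026-9095 entry says is missing. This is not Casdoor's code and does not reproduce ParseSamlResponse or sp.RetrieveAssertionInfo; it assumes a simplified Assertion struct carrying only the assertion ID, NotOnOrAfter and subject (a real library's assertion info is much richer), keeps the cache in process memory, and uses illustrative names (ReplayCache, Accept, LoginFromAssertion, the Err* values). Every assertion is treated as single-use whether or not the IdP set a OneTimeUse condition, and the check runs after signature and condition validation but before any session is created.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"time"
)

// Assertion is a stand-in (assumption) for the parsed assertion info a SAML
// library returns; only the fields replay protection needs are modelled.
type Assertion struct {
	ID           string    // saml:Assertion/@ID, unique per issuance
	NotOnOrAfter time.Time // saml:Conditions/@NotOnOrAfter
	NameID       string    // subject to map to a user session
}

var (
	ErrNoID     = errors.New("assertion has no ID")
	ErrExpired  = errors.New("assertion NotOnOrAfter has passed")
	ErrReplayed = errors.New("assertion ID already consumed")
)

// ReplayCache remembers consumed assertion IDs until their NotOnOrAfter
// passes. After that the time check rejects the assertion anyway, so the
// entry can be dropped without weakening the guarantee.
type ReplayCache struct {
	mu   sync.Mutex
	seen map[string]time.Time // assertion ID -> NotOnOrAfter
	now  func() time.Time     // injectable clock so tests are deterministic
}

func NewReplayCache(now func() time.Time) *ReplayCache {
	if now == nil {
		now = time.Now
	}
	return &ReplayCache{seen: make(map[string]time.Time), now: now}
}

// Accept sits between "signature and conditions verified" and "create a
// user session". It returns nil at most once per assertion ID.
func (c *ReplayCache) Accept(a Assertion) error {
	if a.ID == "" {
		return ErrNoID
	}
	now := c.now()
	if !now.Before(a.NotOnOrAfter) {
		return ErrExpired
	}
	c.mu.Lock()
	defer c.mu.Unlock()
	// Prune entries whose validity window has closed. This is O(n) per call;
	// a production cache would use a TTL-ordered structure or a shared store
	// so that replay across multiple SP instances is also caught.
	for id, exp := range c.seen {
		if !now.Before(exp) {
			delete(c.seen, id)
		}
	}
	if _, dup := c.seen[a.ID]; dup {
		return ErrReplayed
	}
	c.seen[a.ID] = a.NotOnOrAfter
	return nil
}

// LoginFromAssertion shows the required ordering: replay check first, session
// mapping second. The returned string stands in for the session's user.
func LoginFromAssertion(c *ReplayCache, a Assertion) (string, error) {
	if err := c.Accept(a); err != nil {
		return "", err
	}
	return a.NameID, nil
}

func main() {
	c := NewReplayCache(nil)
	// Constructed assertion: a captured SAMLResponse presented twice.
	a := Assertion{ID: "_constructed-1", NotOnOrAfter: time.Now().Add(5 * time.Minute), NameID: "alice"}
	_, first := LoginFromAssertion(c, a)
	_, second := LoginFromAssertion(c, a)
	fmt.Println("first:", first, "second:", second)
}
```

The second presentation of the same assertion fails with ErrReplayed even though its signature and time window are still valid, which is exactly the case the entry describes. Note that the cache must be shared across all instances that terminate SAML logins; a per-process map only protects a single-node deployment.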
CVE-2022-31114
backpack/crud provides Create, Read, Update & Delete CRUD functions for Backpack, a collection of Laravel packages that help users build custom administration panels. Versions prior to 5.0.13, 4.1.69, and 4.0.63 are vulnerable to cross-site scripting. An attacker could conduct a targeted phishing...
Malicious Package
Overview Sicoob-Cooperativa.Sicoob.PagamentosPix is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
ADVISORY SUMMARY Successful exploitation of this vulnerability could result in an attacker gaining administrator access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...
CVE-2026-8605 Use of Hard-coded Credentials in ScadaBR
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
CVE-2026-42300 DevGuard: Unauthenticated identity assertion via `X-Admin-Token` header
DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw string value as the authenticated userID when no Kratos session cookie is present. An unauthenticated...
GHSA-6XCP-7MPR-M7WM Open WebUI has a CORS misconfiguration and session validation issue
GitHub Security Lab GHSL Vulnerability Report, open-webui: GHSL-2024-174, GHSL-2024-175 The GitHub Security Lab team has identified potential security vulnerabilities in open-webui. We are committed to working with you to help resolve these issues. In this report you will find everything you need...
CVE-2026-7414
Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyon...
CVE-2026-3307 Authorization bypass in GitHub Enterprise Server secret scanning push protection allows cross-repository modification of delegated bypass reviewers
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
Authentic 8 Insecure Direct Object Reference / Broken Access Control
Authentic 8 has a broken access control flaw that can be leveraged via an insecure direct object reference, leading to disclosure of PII. | Title : Authentic 8...
CVE-2026-20155
Cisco EPNM has a REST API authorization flaw in its web-based management interface. An authenticated user with low privileges can query a REST endpoint and potentially view session information of active EPNM users, including administrators, which could lead to device compromise. The provided sour...
CVE-2026-24448
Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...
CVE-2026-27752
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can intercept credentials and reuse them to gain...
GHSA-GC24-PX2R-5QMF Bambuddy Uses Hardcoded Secret Key + Many API Endpoints do not Require Authentication
Summary 1. A hardcoded secret key used for signing JWTs is checked into source code 2. Many API routes do not check authentication Details I am using the publicly available Docker image at ghcr.io/maziggy/bambuddy 1. Hardcoded JWT Secret Key...
CVE-2026-22224
CVE-2026-22224 is a command injection vulnerability in the TP-Link Archer BE230 v1.2, exploitable after admin authentication through the device's cloud communication interface. Affected version: v1.2.
Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52855)
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...
CVE-2025-64305
MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...
CVE-2025-64062
CVE-2025-64062 affects Primakon Pi Portal 1.0.18. The /api/V2/pp_users?email endpoint lacks proper server-side validation against the authenticated session, allowing an attacker to manipulate the email parameter to an arbitrary value (e.g., [email protected]) to hijack the session and ...
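An added example, not DevGuard's or Primakon's code, covering the pattern shared by the CVE-2026-42300 entry above (a client-supplied X-Admin-Token header used as the user ID when no session cookie is present) and this CVE-2025-64062 entry (a client-supplied email parameter not checked against the authenticated session): identity must be derived from a server-issued session, never from a header, query parameter or body field. The SessionStore, the handler path and the in-memory user table are constructed for illustration; DevGuard's real session lookup against Kratos is not reproduced, and VulnerableIdentity is written only to show the flawed shape beside the hardened one.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
)

// SessionStore maps server-issued opaque session IDs to user IDs. It is a
// stand-in (assumption) for a real session backend such as Kratos.
type SessionStore struct {
	mu sync.RWMutex
	m  map[string]string
}

func NewSessionStore() *SessionStore { return &SessionStore{m: make(map[string]string)} }

// Create issues a fresh random session ID bound to userID.
func (s *SessionStore) Create(userID string) string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	id := hex.EncodeToString(b)
	s.mu.Lock()
	s.m[id] = userID
	s.mu.Unlock()
	return id
}

func (s *SessionStore) Lookup(id string) (string, bool) {
	s.mu.RLock()
	defer s.mu.RUnlock()
	uid, ok := s.m[id]
	return uid, ok
}

// VulnerableIdentity reproduces the shape described for DevGuard: with no
// session cookie, a client-chosen header value becomes the user ID.
func VulnerableIdentity(s *SessionStore, r *http.Request) (string, bool) {
	if c, err := r.Cookie("session"); err == nil {
		if uid, ok := s.Lookup(c.Value); ok {
			return uid, true
		}
	}
	if tok := r.Header.Get("X-Admin-Token"); tok != "" {
		return tok, true // BUG: attacker-supplied and never verified
	}
	return "", false
}

// HardenedIdentity derives identity only from a server-issued session.
// Headers, query parameters and bodies are never an identity source.
func HardenedIdentity(s *SessionStore, r *http.Request) (string, bool) {
	c, err := r.Cookie("session")
	if err != nil {
		return "", false
	}
	return s.Lookup(c.Value)
}

// ProfileHandler applies the same rule to the Pi Portal shape: the record
// returned is the session user's own; a ?email= selector is ignored.
func ProfileHandler(s *SessionStore, users map[string]string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		uid, ok := HardenedIdentity(s, r)
		if !ok {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		rec, ok := users[uid]
		if !ok {
			http.Error(w, "not found", http.StatusNotFound)
			return
		}
		fmt.Fprint(w, rec)
	}
}

func main() {
	s := NewSessionStore()
	h := ProfileHandler(s, map[string]string{"alice": "alice's record"}) // constructed table
	// Attacker: no session; identity asserted via header and query string.
	attack := httptest.NewRequest("GET", "/api/V2/pp_users?email=alice", nil)
	attack.Header.Set("X-Admin-Token", "alice")
	w := httptest.NewRecorder()
	h(w, attack)
	fmt.Println("attacker:", w.Code)
	// Legitimate user with a server-issued session cookie.
	legit := httptest.NewRequest("GET", "/api/V2/pp_users", nil)
	legit.AddCookie(&http.Cookie{Name: "session", Value: s.Create("alice")})
	w = httptest.NewRecorder()
	h(w, legit)
	fmt.Println("alice:", w.Code, w.Body.String())
}
```

The attacker's request, which would have been accepted as "alice" by VulnerableIdentity, gets a 401 from the hardened handler, while a session holder gets only their own record regardless of what the email parameter says. Where an endpoint legitimately needs to act on another user's record, the check is an explicit authorization decision for the session user, not a lookup keyed by the client-supplied value.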
CVE-2025-64759
Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowing the execution of arbitrary JavaScript in a user's browser, with minimal or no user interaction required, due to the rendering of a malicious uploaded SVG file. This could be abused to add an...
PT-2025-47019
Name of the Vulnerable Software and Affected Versions PLANEX CS-QP50F-ING2 smart cameras affected versions not specified Description The PLANEX CS-QP50F-ING2 smart cameras have a configuration backup interface accessible over HTTP without authentication. An unauthenticated remote attacker can...