Lucene search

576 matches found

CVE
added 2 days ago, 9 views

CVE-2026-59093

Weaviate prior to 1.38.0 fails to verify that a principal granting RBAC roles actually has permissions within those roles. The assignRoleToUser and assignRoleToGroup endpoints (POST /authz/users/{id}/assign, /authz/groups/{id}/assign) only check that the caller may assign roles, not the permissio...

CVSS 8.8, AI score 5.8, EPSS 0.00289
Exploits 0, References 4
EUVD
added 2 days ago, 6 views

EUVD-2026-41424

Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and assignRoleToGroup handlers POST /authz/users/{id}/assign and /authz/groups/{id}/assign authorize only that the caller may assign role...

CVSS 8.8, AI score 5.8, EPSS 0.00289
Exploits 0, References 4
Positive Technologies
added 2 days ago, 6 views

PT-2026-55294

Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and assignRoleToGroup handlers POST /authz/users/{id}/assign and /authz/groups/{id}/assign authorize only that the caller may assign role...

CVSS 8.8, AI score 5.8, EPSS 0.00289
Exploits 0, References 6
CVE
added 3 days ago, 6 views

CVE-2026-13211

CVE-2026-13211 affects the Genucenter web interface prior to version 8.0p11, where SNMP authentication and encryption keys are exposed in HTTP responses to users with Service or Admin roles. This disclosure creates a confidentiality risk (SNMP credentials exposed); the documentation does not spec...

CVSS 4.3, AI score 5.8, EPSS 0.00139
Exploits 0, References 1
ATTACKERKB
added 3 days ago, 4 views

CVE-2026-13211

The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role...

CVSS 4.3, AI score 5.8, EPSS 0.00139
Exploits 0, References 2, Affected Software 1
EUVD
added 3 days ago, 5 views

EUVD-2026-41051

The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role...

CVSS 4.3, AI score 5.8, EPSS 0.00139
Exploits 0, References 1
NVD
added 2026/06/17 6:17 p.m., 19 views

CVE-2026-20266

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which construct...

CVSS 9.1, EPSS 0.00469
Exploits 0, References 1
CVE
added 2026/06/17 5:07 p.m., 28 views

CVE-2026-20266

Summary: CVE-2026-20266 affects Splunk AI Toolkit

CVSS 9.1, AI score 5.9, EPSS 0.00469
Exploits 0, References 1, Affected Software 1
EUVD
added 2026/06/17 5:07 p.m., 9 views

EUVD-2026-37768

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which construct...

CVSS 9.1, AI score 5.9, EPSS 0.00469
Exploits 0, References 1
Positive Technologies
added 2026/06/17 12:00 a.m., 17 views

PT-2026-50502

Name of the Vulnerable Software and Affected Versions: Splunk AI Toolkit versions prior to 5.7.4. Description: A user with the "admin" Splunk role can execute arbitrary OS commands on the host running the Splunk Enterprise instance. This is caused by an unsafe shell execution pattern in the btool...

CVSS 9.1, AI score 5.9, EPSS 0.00469
Exploits 0, References 8
Vulnrichment
added 2026/06/10 8:39 p.m., 10 views

CVE-2026-53738 Copy & Delete Posts through 1.5.4 Privilege Escalation via cdp_action_handling Handler

Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp_action_handling AJAX handler. Attackers with an enabled role can delete posts or overwrite plugin settings via the f parameter, bypassing per-function capability checks...

CVSS 8.1, AI score 5.4, EPSS 0.00248
Exploits 0, References 2
Positive Technologies
added 2026/06/10 12:00 a.m., 16 views

PT-2026-48497

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

CVSS 5.7, AI score 5.4, EPSS 0.00198
Exploits 0, References 2
Github Security Blog
added 2026/06/08 11:35 p.m., 12 views

nebula-mesh: GET /api/v1/audit-log discloses all entries to any operator

internal/api/audit.go:12 — handleGetAuditLog does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via store.ListAuditEntries up to limit=1000. This includes cross-tenant actor names, host/CA/operator IDs, action timestamps, and masked-IP entrie...

AI score 5.5, EPSS 0.00043
Exploits 0, References 4, Affected Software 1
CNNVD
added 2026/05/29 12:00 a.m., 8 views

arcane security vulnerability

Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane prior to 1.19.0 contained security vulnerabilities. These vulnerabilities stemmed from multiple endpoints in the Huma-based REST API that did not call the checkAdmin helper function. Additionally, the...

CVSS 9.9, AI score 5.8, EPSS 0.00387
Exploits 0, References 2
NVD
added 2026/05/28 7:16 p.m., 17 views

CVE-2026-43000

An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token...

CVSS 8.8, EPSS 0.00328
Exploits 1, References 5
RedhatCVE
added 2026/05/26 8:14 p.m., 14 views

CVE-2026-6897

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\Features\TeamAccounts::savesettings' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with...

CVSS 8.8, AI score 5.8, EPSS 0.00244
Exploits 0, References 1
Positive Technologies
added 2026/05/23 12:00 a.m., 16 views

PT-2026-42872

Name of the Vulnerable Software and Affected Versions: Nezha Monitoring versions 1.4.0 through 2.0.8. Description: Authenticated non-admin members can connect to the server-status WebSocket endpoint '/api/v1/ws/server' and receive telemetry for all servers, including those owned by other users. Whil...

CVSS 6.5, AI score 5.2, EPSS 0.0027
Exploits 0, References 8
EUVD
added 2026/05/21 8:34 p.m., 9 views

EUVD-2026-31345

LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin...

CVSS 8.8, AI score 5.8, EPSS 0.00653
Exploits 2, References 7
ATTACKERKB
added 2026/05/19 9:18 p.m., 7 views

CVE-2026-34246

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable method interpolates $role->name and...

CVSS 4.8, AI score 5.8, EPSS 0.00216
Exploits 0, References 3, Affected Software 1
Cvelist
added 2026/05/19 9:18 p.m., 34 views

CVE-2026-34246 CtrlPanel: Stored XSS in Admin Role Management via Unescaped DataTable HTML Output

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable method interpolates $role->name and...

CVSS 4.8, EPSS 0.00216
Exploits 0, References 2