Lucene search
K

582 matches found

nvd
nvd
added 2026/05/28 7:16 p.m.17 views

CVE-2026-43000

An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token...

8.8CVSS0.00328EPSS
Exploits1References5
redhatcve
redhatcve
added 2026/05/26 8:14 p.m.15 views

CVE-2026-6897

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\Features\TeamAccounts::savesettings' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/23 12:0 a.m.19 views

PT-2026-42872

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 1.4.0 through 2.0.8 Description Authenticated non-admin members can connect to the server-status WebSocket endpoint '/api/v1/ws/server' and receive telemetry for all servers, including those owned by other users. Whil...

6.5CVSS5.2AI score0.0027EPSS
Exploits0References8
euvd
euvd
added 2026/05/21 8:34 p.m.10 views

EUVD-2026-31345

LiteLLM prior to 1.83.10 allows a user to modify their own userrole via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxyadmin...

8.8CVSS5.8AI score0.00653EPSS
Exploits2References7
cvelist
cvelist
added 2026/05/19 9:18 p.m.36 views

CVE-2026-34246 CtrlPanel: Stored XSS in Admin Role Management via Unescaped DataTable HTML Output

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability exists in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable method interpolates $role-name and...

4.8CVSS0.00216EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/19 9:18 p.m.8 views

CVE-2026-34246 CtrlPanel: Stored XSS in Admin Role Management via Unescaped DataTable HTML Output

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability exists in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable method interpolates $role-name and...

4.8CVSS5.8AI score0.00216EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/19 9:18 p.m.7 views

CVE-2026-34246

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability exists in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable method interpolates $role-name and...

4.8CVSS5.8AI score0.00216EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/05/19 12:0 a.m.12 views

EUVD-2026-30945

The LalanaChami Pharmacy Management System commit 5c3d028 allows unauthenticated remote attackers to escalate privileges by self-assigning an administrative role during registration. The /api/user/signup endpoint fails to validate the role parameter in the request body...

5.8AI score0.00476EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/19 12:0 a.m.47 views

CVE-2026-31070

The LalanaChami Pharmacy Management System commit 5c3d028 allows unauthenticated remote attackers to escalate privileges by self-assigning an administrative role during registration. The /api/user/signup endpoint fails to validate the role parameter in the request body...

0.00476EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/19 12:0 a.m.6 views

CVE-2026-31070

The LalanaChami Pharmacy Management System commit 5c3d028 allows unauthenticated remote attackers to escalate privileges by self-assigning an administrative role during registration. The /api/user/signup endpoint fails to validate the role parameter in the request body...

5.8AI score0.00476EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/19 12:0 a.m.14 views

PT-2026-42018

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability exists in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable method interpolates $role-name and...

4.8CVSS5.8AI score0.00216EPSS
Exploits0References3
cve
cve
added 2026/05/19 12:0 a.m.18 views

CVE-2026-31070

The CVE-2026-31070 vulnerability affects the LalanaChami Pharmacy Management System (commit 5c3d028). The /api/user/signup endpoint fails to validate the role parameter in the request body, allowing unauthenticated remote attackers to self-assign an administrative role during registration and esc...

9.8CVSS5.8AI score0.00476EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/18 7:58 p.m.11 views

CVE-2026-44567

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is...

7.3CVSS5.8AI score0.0023EPSS
Exploits1References1
nvd
nvd
added 2026/05/15 10:16 p.m.29 views

CVE-2026-44567

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is...

7.3CVSS0.0023EPSS
Exploits1References1
nvd
nvd
added 2026/05/15 8:16 p.m.34 views

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS0.00284EPSS
Exploits1References1
cvelist
cvelist
added 2026/05/15 7:54 p.m.57 views

CVE-2026-44553 Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS0.00284EPSS
Exploits1References1
cve
cve
added 2026/05/15 7:54 p.m.24 views

CVE-2026-44553

Open WebUI (self-hosted offline AI) has a Socket.IO session cache vulnerability where admin role changes or user deletions are not propagated to active sessions. Prior to version 0.9.0, a user whose admin role was revoked can retain admin privileges within their existing Socket.IO session as long...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References1Affected Software1
euvd
euvd
added 2026/05/15 7:12 p.m.28 views

EUVD-2026-30607

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line...

8.1CVSS5.9AI score0.00354EPSS
Exploits1References3
cnnvd
cnnvd
added 2026/05/15 12:0 a.m.13 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained security vulnerabilities. These vulnerabilities stemmed from APIs that did not properly verify whether the user had the authorized user role. When...

7.3CVSS5.8AI score0.0023EPSS
Exploits1References2
euvd
euvd
added 2026/05/14 6:14 p.m.10 views

EUVD-2026-30357

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST...

7.2CVSS5.9AI score0.00207EPSS
Exploits0References1
Rows per page
Query Builder