
4 matches found

Positive Technologies
added 2026/06/23 12:0 a.m. | 8 views

PT-2026-51622

Name of the Vulnerable Software and Affected Versions: Gogs (affected versions not specified). Description: A repository admin collaborator can escalate their privileges to owner-level access due to an off-by-one error in the ChangeCollaborationAccessMode function. This occurs because the validation...

CVSS 7 | AI score 5.9 | EPSS 0.00499
Exploits 0 | References 12
Github Security Blog
added 2026/04/01 9:3 p.m. | 15 views

NetBird has Race Condition on UpdateUser Function, Resulting in Privilege Escalation From Admin to Owner

Summary: A race condition vulnerability allows authenticated admin-privileged users to escalate to owner privilege. Details: The vulnerability exists in the updateUser function, which is connected to the /users/userId PUT request. This function then calls the SaveOrAddUsers function, which checks t...

AI score 5.9
Exploits 0 | References 2 | Affected Software 1
OSV
added 2026/04/01 9:3 p.m. | 4 views

GHSA-RXMP-8H9V-56CX NetBird has Race Condition on UpdateUser Function, Resulting in Privilege Escalation From Admin to Owner

Summary: A race condition vulnerability allows authenticated admin-privileged users to escalate to owner privilege. Details: The vulnerability exists in the updateUser function, which is connected to the /users/userId PUT request. This function then calls the SaveOrAddUsers function, which checks t...

CVSS 4.4 | AI score 5.9
Exploits 0 | References 2
OSV
added 2026/03/11 8:6 p.m. | 4 views

CVE-2026-32103 StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account...

CVSS 6.8 | AI score 5.8 | EPSS 0.00344
Exploits 1 | References 3