6 matches found

Nuclei
added 20 hours ago, 6 views

Dgraph <= 25.3.2 - Admin Token Disclosure

Dgraph <= 25.3.2 contains an information disclosure caused by unauthenticated access to the /debug/vars endpoint, which publishes the cmdline variable including the --security token= flag, letting unauthenticated remote attackers retrieve the admin token and access admin-only endpoints, exploit...

CVSS 9.8, AI score 5.3, EPSS 0.00228
Exploits: 1, References: 2
Cvelist
added 2026/05/15 6:45 p.m., 30 views

CVE-2026-46407 Vvveb: admin/auth-token IDOR allows unauthorized disclosure of administrator REST API tokens

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator to load another administrator's REST API token list by supplying that user's adminid. This can...

CVSS 8.1, EPSS 0.00032
Exploits: 0, References: 1
Vulnrichment
added 2026/05/15 6:45 p.m., 6 views

CVE-2026-46407 Vvveb: admin/auth-token IDOR allows unauthorized disclosure of administrator REST API tokens

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator to load another administrator's REST API token list by supplying that user's adminid. This can...

CVSS 8.1, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 1
CVE
added 2026/05/15 6:45 p.m., 19 views

CVE-2026-46407

Vvveb CMS contains an IDOR in the backend/admin/auth-token endpoint. An authenticated administrator can load another admin's REST API token list by supplying that user’s admin_id, leading to disclosure of sensitive tokens. The issue is fixed in version 1.0.8.3. No exploitation details are provide...

CVSS 8.1, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 1
OSV
added 2026/04/24 2:25 p.m., 3 views

SUSE-SU-2026:1617-1 Security update for cups

This update for cups fixes the following issues:
- CVE-2026-34980: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network bsc1261569.
- CVE-2026-34990: Local print admin token disclosure using temporary printers bsc1261568...

CVSS 7.8, AI score 6, EPSS 0.00036
Exploits: 2, References: 5
0day.today
added 2019/02/13 12:0 a.m., 438 views

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - CSRF (Admin Token Disclosure) Vulnerability

Exploit for hardware platform in category web applications
Exploit Title: Jiofi 4 JMR 1140 CSRF To Leak Admin Tokens to change wifi Password or Factory Reset Router
Exploit Author: Ronnie T Baby
Contact: https://www.linkedin.com/in/ronnietbaby
Vendor Homepage: www.jio.com
Hardware Link:...

EPSS 0.0032
Exploits: 2