CVE-2026-33890 MyTube has an Unauthenticated Admin Privilege Escalation via Passkey Registration

MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey and subsequently authenticate with it to obtain a full admin session. The application exposes passkey registration endpoints without...

CVE-2026-32638

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.4, the REST API getUsers endpoint in StudioCMS uses the attacker-controlled rank query parameter to decide whether owner accounts should be filtered from the result set. As a result, an admin token...

StudioCMS Information Disclosure Vulnerability

StudioCMS is StudioCMS open source a content management system . StudioCMS suffers from an information disclosure vulnerability that stems from the use of an attacker-controlled rank query parameter in the REST API getUsers endpoint, which can be exploited by an attacker to cause an administrator...

CVE-2026-32638

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.4, the REST API getUsers endpoint in StudioCMS uses the attacker-controlled rank query parameter to decide whether owner accounts should be filtered from the result set. As a result, an admin token...

GHSA-XVF4-CH4Q-2M24 StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens

Summary The REST API getUsers endpoint in StudioCMS uses the attacker-controlled rank query parameter to decide whether owner accounts should be filtered from the result set. As a result, an admin token can request rank=owner and receive owner account records, including IDs, usernames, display...

Incorrect Privilege Assignment

Overview studiocms is an A Community-Driven Astro native CMS. Built from the ground up by the Astro community. Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the RestApiSecureHandler user creation flow in...

CVE-2026-32103

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account...

EUVD-2026-9941

FUXA Unauthenticated Remote Code Execution via Admin JWT Minting...

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

UBUNTU-CVE-2025-69634

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php NOTE: this is disputed by a third party who indicates that exploitation can only occur if an unprivileged user knows the token of an admin user...

CVE-2026-25893

CVE-2026-25893 affects FUXA, a web-based Process Visualization (SCADA/HMI/Dashboard) platform. The issue is an authentication bypass via the heartbeat refresh API that lets an unauthenticated, remote attacker gain administrative access and potentially execute arbitrary code on the server. This vu...

EUVD-2025-206717

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

CVE-2026-1103

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verifyuserloggedin' as a permission callback, which only checks if a...

CVE-2026-1103 AIKTP <= 5.0.04 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verifyuserloggedin' as a permission callback, which only checks if a...

CVE-2026-1103 AIKTP <= 5.0.04 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verifyuserloggedin' as a permission callback, which only checks if a...

CVE-2026-1103

CVE-2026-1103 affects the WordPress AIKTP plugin up to version 5.0.04. The vulnerability arises from missing authorization checks on the /aiktp/getToken REST endpoint, which uses verify_user_logged_in (only confirming login) and does not verify administrative capabilities. As a result, authentica...

PT-2026-4587

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verify user logged in' as a permission callback, which only checks if...