CVE-2026-0998

CVE-2026-0998 affects Mattermost releases 11.1.x up to 11.1.2, 10.11.x up to 10.11.9, 11.2.x up to 11.2.1 and Mattermost Plugin Zoom up to 1.11.0. The issue is in the {{/api/v1/askPMI}} endpoint where user identity and post ownership are not validated, allowing unauthorized users to start Zoom me...

EUVD-2021-21432

Malware in sbrugna...

CVE-2024-47053

CVE-2024-47053 concerns an authorization flaw in Mautic’s API. Any authenticated user can access all reports and their data via the API, bypassing permissions intended to restrict access to non-system reports (e.g., View Own/View Others). The vulnerability arises from Mautic’s HTTP Basic Authenti...

CVE-2024-8601

This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL which could lead to unauthorized acce...

Information Disclosure

sonarqube is vulnerable to information disclosure. Improperly configured access controls of the API allows an attacker to discover valid user account logins...