Lucene search
K

2021 matches found

Nuclei
Nuclei
added yesterday87 views

AnythingLLM - Information Disclosure

AnythingLLM suffers from an information disclosure vulnerability through the /api/setup-complete API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM...

7.5CVSS7AI score0.29187EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday69 views

All Thrive Themes and Plugins - Unauthenticated Option Update

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...

5.3CVSS6.3AI score0.02076EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday17 views

Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

6.1CVSS6.5AI score0.02072EPSS
Exploits2References3
CVE
CVE
added 3 days ago8 views

CVE-2026-57219

RabbitMQ suffers an unauthenticated disclosure vulnerability in the management API: the obsolete GET /api/auth endpoint can reveal the OAuth 2 client secret on installations configured with management.oauth_client_secret prior to versions 3.13.15, 4.0.20, 4.1.11, and 4.2.6. The issue arises when ...

8.7CVSS6.1AI score0.0033EPSS
Exploits0References6
NVD
NVD
added 3 days ago7 views

CVE-2026-38057

The iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authentication. The /api/reboot endpoint accepts POST requests authenticated solely by a session cookie that lacks the SameSite attribute. A remote attacker can host a malicious web page that, when visited by an...

8.1CVSS0.00308EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-12428 Blocks for ACF Fields <= 1.6.2 - Missing Authorization to Authenticated (Author+) Arbitrary ACF Field Value Disclosure via 'id' Parameter

The Blocks for ACF Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getallvalues function in the /wp-json/acf-field-blocks/v1/values REST endpoint in versions up to, and including, 1.6.2. The permissioncallback only verifies the...

6.5CVSS0.00285EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-12433 Hydra Booking <= 1.2.1 - Authenticated (Custom+) Insecure Direct Object Reference to Sensitive Information Exposure via 'booking_id' Parameter

The Hydra Booking – Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.2.1 via the /wp-json/hydra-booking/v1/booking/details/id REST endpoint. This is due to the getBookingDetails callback only...

4.3CVSS0.00435EPSS
Exploits0References10
NVD
NVD
added 6 days ago5 views

CVE-2026-55077

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's passwor...

7.2CVSS0.00615EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-55077 Coder: User-admin role can reset owner account password

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the PUT /api/v2/users/user/password endpoint authorized only ActionUpdatePersonal and did not prevent a user-admin from resetting an owner account's passwor...

7.2CVSS0.00615EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:18 p.m.8 views

CVE-2026-13603

The payment integration pretix-oppwa provides support for the payment providers VR Payment, Hobex, and potentially others based on Oppwa's technology. The integration of Oppwa, following their official documentation, includes a step where the user is redirected from the payment provider back to o...

10CVSS5.8AI score0.00253EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 3:43 a.m.34 views

CVE-2026-13468 Visualizer <= 4.0.3 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via /visualizer/v1/action/{chart}/{type}/ REST Endpoint

The Visualizer – Tables & Charts Manager with Built-in AI Generator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

7.5CVSS0.00367EPSS
Exploits0References8
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-497 pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

Summary PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery SSRF attacks. An authenticated attacker can exploit this to access internal network services and exfiltrate cloud provider metadata. On DigitalOcean droplets, this exposes sensitive...

9.3CVSS6AI score0.00397EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-325 DB-GPT is vulnerable to SQL Injection attacks from unauthenticated users

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

9.1CVSS7.7AI score0.01083EPSS
Exploits2References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:15 a.m.6 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS5.5AI score0.00383EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/29 6:2 a.m.4 views

BIT-GITLAB-2026-8330 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint...

4.4CVSS5.8AI score0.0013EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 6:0 a.m.10 views

EUVD-2026-39624

The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supplied query parameter, allowing unauthenticated attackers to retrieve the titles and content of private, draft, and other non-public posts...

7.5CVSS5.8AI score0.00921EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 10:16 p.m.9 views

CVE-2025-71336

Flowise before 3.0.6 affected versions 2.2.7-patch.1 and earlier contains an unsandboxed remote code execution vulnerability in the Custom MCP feature, which is designed to execute OS commands such as launching local MCP servers. Because Flowise's authentication and authorization model is minimal...

9.8CVSS0.00757EPSS
Exploits1References2
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5229 SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via `/api/av/removeUnusedAttributeView` in github.com/siyuan-note/siyuan/kernel

SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via /api/av/removeUnusedAttributeView in github.com/siyuan-note/siyuan/kernel...

8.1CVSS5.8AI score0.004EPSS
Exploits1References3
NVD
NVD
added 2026/06/24 9:16 p.m.11 views

CVE-2026-33543

FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...

9.3CVSS0.00289EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 9:1 p.m.14 views

CVE-2026-33543

FOSSBilling versions 0.7.2 and earlier expose a guest API endpoint /api/guest/staff/create intended for initial admin bootstrap. A flawed admin-existence check (is_countable() used on a Model_Admin object or null) makes the guard always evaluate true, allowing unauthenticated creation of an admin...

9.3CVSS5.8AI score0.00289EPSS
Exploits0References2
Rows per page
Query Builder