Lucene search
+L

5 matches found

CVE
CVE
added 2026/06/30 9:5 p.m.27 views

CVE-2026-58446

CVE-2026-58446 affects Presenton before 0.8.8-beta. The MCP server deployed with session authentication in server/Docker setups is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth gate to that path, and the MCP server auto-mints a valid internal session token ...

6.9CVSS5.8AI score0.00437EPSS
Exploits0References5
OSV
OSV
added 2025/03/20 12:32 p.m.13 views

GHSA-FJCF-3J3R-78RP LiteLLM Has an Improper Authorization Vulnerability

An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internaluserviewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the applicatio...

8.1CVSS7.3AI score0.00315EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 12:44 a.m.11 views

CVE-2024-37282

It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges...

8.1CVSS6.9AI score0.00603EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/01/14 1:2 a.m.7 views

CVE-2023-22497 Netdata is vulnerable to improper authentication

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

6.5CVSS8AI score0.0068EPSS
Exploits1References2
CNVD
CNVD
added 2021/11/09 12:0 a.m.13 views

Samsung SmartThings Privilege Management Vulnerability (CNVD-2025-02721)

Samsung SmartThings is an app from Samsung South Korea that connects smart devices. A privilege management vulnerability exists in Samsung SmartThings versions prior to 1.7.73.22, which stems from improper privilege management of the API key used by SmartThings, and can be exploited by an attacke...

9.8CVSS6.7AI score0.00801EPSS
Exploits0References1
Rows per page
Query Builder