Lucene search
K

141 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-56300

Capgo before 12.128.2 contains unauthenticated security definer RPC functions getuserid and getorgpermforapikey that expose API key validity oracles and user UUID disclosure. Unauthenticated attackers using the public API key can validate leaked keys, enumerate users and apps, and determine...

8.7CVSS0.00349EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:8 p.m.13 views

CVE-2026-56300

Capgo before 12.128.2 is affected by CVE-2026-56300 due to unauthenticated security definer RPCs (get_user_id, get_org_perm_for_apikey) that expose API key validity and user UUIDs. Attackers with a public API key can validate leaked keys, enumerate users and apps, and infer permission levels, inc...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/24 1:20 p.m.7 views

CVE-2026-57297

A missing permission check in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username, API key, and service key...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 5:36 p.m.44 views

CVE-2026-53662 immich: One-click account takeover via XSS in login page continue redirect

immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting XSS vulnerability on the /auth/login page allows an attacker to fully compromise any authenticated user's account with a single link click. The contin...

9.6CVSS0.00235EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 10:16 p.m.10 views

CVE-2026-56306

Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate headers that result in NaN or falsy values. Remote attackers can manipulate the x-limited-key-id header ...

6.4CVSS0.00251EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.27 views

PT-2026-51407

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A weak parsing issue exists in the x-limited-key-id header. Remote attackers can bypass subkey enforcement by submitting duplicate headers, zero, or malformed values that result in falsy values or N...

6.4CVSS5.9AI score0.00251EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 6:16 a.m.14 views

CVE-2026-11357

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.7.5 via the editorassetsvariables. This makes it possible for authenticated attackers, with contributor-level access and abov...

4.3CVSS0.00243EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/18 4:31 a.m.28 views

CVE-2026-11357 Kadence Blocks <= 3.7.5 - Authenticated (Contributor+) Sensitive Information Exposure via Block Editor proData Localization

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.7.5 via the editorassetsvariables. This makes it possible for authenticated attackers, with contributor-level access and abov...

4.3CVSS0.00243EPSS
Exploits0References8
OSV
OSV
added 2026/06/10 10:13 p.m.7 views

GHSA-9PG3-25FQ-P6CC nebula-mesh: Newly-minted operator API key exposed in redirect URL (Referer, history, proxy logs)

internal/web/operators.go:251 — after handleOperatorCreateAPIKey mints a fresh 32-byte bearer token, the redirect points the operator's browser at: /ui/operators/?newkey=&keyname= The raw API key ends up: - in the browser's URL history - in the Referer header on every cross-origin asset the detai...

5.5CVSS5.5AI score0.00012EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-49135

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...

7.2CVSS5.5AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.11 views

CVE-2026-40498

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.8CVSS5.5AI score0.00571EPSS
Exploits1References1
CVE
CVE
added 2026/06/04 5:36 a.m.24 views

CVE-2026-49191

The CVE-2026-49191 entry concerns the production build of the M3WebServer where backend API keys are hard-coded and can be intercepted via verbose error handling pages. According to the provided data, this results in a high-impact exposure affecting confidentiality, integrity, and availability (C...

9.8CVSS5.8AI score0.00292EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/05/27 7:33 p.m.8 views

External Control of System or Configuration Setting

Overview Affected versions of this package are vulnerable to External Control of System or Configuration Setting via the found-action process. An attacker can execute arbitrary shell commands on the host system by sending specially crafted JSON data to the REST API server endpoint when it is...

10CVSS6.1AI score0.01051EPSS
Exploits2References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 7:56 a.m.13 views

Malicious code in sklern (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1495d93dccc77a422f70d192ef4d8dcd53b0c990fff43e68bc2a0eca301e5d10 Package name 'sklern' is a one-character deletion from the top-tier ML package 'sklearn', and its public API linearregression, logisticregression,...

5.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 1:32 a.m.15 views

Malicious code in fastgrc-openclaw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 158457237168ef50e3a6c4cd33f51e23f6aec642593745a3d11b9b4870ef36ce The package is an AI agent policy-check plugin. When a consumer does not configure their own API key, resolveApiKey returns a hardcoded BUNDLEDAPIKEY...

5.8AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/20 3:45 p.m.25 views

Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows

Summary The /api/v1/chatflows/apikey/:apikey endpoint whitelisted, accessible with API key auth only returns all chatflows bound to the provided API key AND all chatflows across the entire system that have no API key assigned. This crosses workspace boundaries, allowing a user in Workspace A who...

7.7CVSS5.8AI score0.00281EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the ability for users to continue a conversation with another user through...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References2
Veracode
Veracode
added 2026/05/09 5:42 a.m.19 views

SQL Injection

LiteLLM is vulnerable to SQL Injection. The vulnerability is due to unsafe inclusion of caller-supplied API key values directly into database queries during proxy API key checks, which allows an attacker to read or modify database contents through crafted Authorization headers...

9.8CVSS6.1AI score0.86607EPSS
Exploits7References7Affected Software1
NVD
NVD
added 2026/04/21 4:16 p.m.8 views

CVE-2026-40498

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.8CVSS0.00571EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/21 3:1 p.m.4 views

CVE-2026-40498 FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.3CVSS5.8AI score0.00571EPSS
Exploits1References3
Rows per page
Query Builder