Lucene search
+L

1252 matches found

Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.6 views

Chromium: CVE-2026-13890 Out of bounds read in Chromecast

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.3CVSS5.9AI score0.00264EPSS
Exploits0
CVE
CVE
added 2026/06/22 12:46 p.m.19 views

CVE-2026-7165

CVE-2026-7165 affects the Assassin game by Gaudire. The vulnerability is in the /addJugador endpoint and involves multiple issues: keyJugador and keyJugadorObjectiu allow unauthorized modification of other users’ data; punts and numObjectiusEliminats accept arbitrary data enabling falsified prize...

9.4CVSS6AI score0.0029EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48874

Name of the Vulnerable Software and Affected Versions n8n-mcp versions prior to 2.56.1 Description An authorization flaw exists in multi-tenant HTTP mode when ENABLE MULTI TENANT is set to true. This allows authenticated tenants to read and delete workflow version backups belonging to other...

9.9CVSS6.1AI score0.00389EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.14 views

CVE-2026-41183

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be...

4.3CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41190

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APPSHOWONLYASSIGNEDCONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The savedraft AJAX path is weaker. A direct POST can create a dra...

7.1CVSS5.5AI score0.00211EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-42784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - rust-sequoia-openpgp - None Ubuntu Linux - openpgp: Don't imply missing key flags from key type CVE-2026-42784 Note that Nessus relies on the...

5.8AI score
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cfg80211: Calling cfg80211stopap when switching from P2PGO type If the user-space tools switch from NL80211IFTYPEP2PGO to NL80211IFTYPEADHOC via sendmsgNL80211CMDSETINTERFACE, it does not call the cleanup function cfg80211stopap...

7.8CVSS5.2AI score0.00249EPSS
Exploits0References2
NVD
NVD
added 2026/04/21 5:16 p.m.12 views

CVE-2026-41183

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be...

4.3CVSS0.00224EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/21 5:6 p.m.51 views

CVE-2026-41190 FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APPSHOWONLYASSIGNEDCONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The savedraft AJAX path is weaker. A direct POST can create a dra...

7.1CVSS0.00211EPSS
Exploits0References3
CVE
CVE
added 2026/04/21 5:6 p.m.16 views

CVE-2026-41190

FreeScout (self-hosted help desk) is affected pre-1.8.215. When APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS is enabled, the UI correctly blocks users who are neither the assignee nor the creator in direct conversation view, but the save_draft AJAX path is weaker. A crafted direct POST can create a draft...

7.1CVSS5.8AI score0.00211EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 5:6 p.m.3 views

CVE-2026-41190 FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APPSHOWONLYASSIGNEDCONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The savedraft AJAX path is weaker. A direct POST can create a dra...

7.1CVSS6AI score0.00211EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/21 5:6 p.m.5 views

CVE-2026-41190 FreeScout has assigned-only visibility bypass via save_draft that allows hidden conversation draft injection

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when APPSHOWONLYASSIGNEDCONVERSATIONS is enabled, direct conversation view correctly blocks users who are neither the assignee nor the creator. The savedraft AJAX path is weaker. A direct POST can create a dra...

7.1CVSS5.8AI score0.00211EPSS
Exploits0References3
CVE
CVE
added 2026/04/21 5:4 p.m.12 views

CVE-2026-41189

FreeScout prior to 1.8.215 is vulnerable: customer-thread editing bypasses the assigned-only visibility due to ThreadPolicy::edit() not enforcing ConversationPolicy restrictions, allowing a user who cannot view a conversation to load and edit hidden customer-authored threads. The issue is address...

7.1CVSS5.8AI score0.00223EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/21 5:4 p.m.3 views

CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS5.8AI score0.00223EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/21 5:4 p.m.32 views

CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS0.00223EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 5:4 p.m.3 views

CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS6AI score0.00223EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/21 5:0 p.m.35 views

CVE-2026-41183 FreeScout allows non-folder conversation queries to disclose assigned-only hidden conversations

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be...

4.3CVSS0.00224EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/21 5:0 p.m.3 views

CVE-2026-41183

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 5:0 p.m.5 views

CVE-2026-41183 FreeScout allows non-folder conversation queries to disclose assigned-only hidden conversations

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder query builders. Global search and the AJAX filter path still reveal conversations that should be...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References3
CVE
CVE
added 2026/04/21 5:0 p.m.14 views

CVE-2026-41183

FreeScout core issue: prior to v1.8.215, the assigned‑only restriction was enforced for direct conversation view and folder queries but not for non‑folder query builders. As a result, global search and the AJAX filter path could disclose conversations that should have been hidden. Impact involves...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References3
Rows per page
Query Builder