Lucene search
K

4 matches found

CVE
CVE
added 2026/06/21 3:15 a.m.69 views

CVE-2026-12773

Affected software: litellm MCP Proxy (BerriAI) up to version 1.59.8. The vulnerability lies in UserAPIKeyAuth in litellm/proxy/_experimental/mcp_server/auth/user_api_key_auth_mcp.py, where authentication can be bypassed if an invalid token triggers a swallowed 401/403 exception, allowing unauthen...

9.8CVSS6.7AI score0.00612EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2022/02/28 9:15 a.m.4 views

CVE-2021-25011

The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper authorisation and CSRF in most of its AJAX actions, which could allow any authenticated users, such as subscriber to delete arbitrary posts and update the plugin's settings...

5.7CVSS6.3AI score0.0042EPSS
Exploits2References2
Cvelist
Cvelist
added 2021/07/12 2:55 p.m.34 views

CVE-2021-30640 Auth weakness in JNDIRealm

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65...

7.1AI score0.09886EPSS
Exploits0References9
securityvulns
securityvulns
added 2014/05/15 12:0 a.m.110 views

[oss-security] CVE request: various NodeJS module vulnerabilities

Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE; CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660 https://nodesecurity.io/advisories printer potential command...

6.8CVSS0.8AI score0.17186EPSS
Exploits7
Rows per page
Query Builder