Lucene search
K

27839 matches found

EUVD
EUVD
added 2026/06/29 6:16 p.m.6 views

EUVD-2026-40171

luci-app-tailscale-community contains a command injection vulnerability in the tailscale.dologin RPC method that allows authenticated users to execute arbitrary commands as root. The vulnerability exists because user-controlled loginserver and loginserverauthkey parameters are improperly quoted...

8.8CVSS6AI score0.01179EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 5:23 p.m.9 views

EUVD-2026-40143

Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth...

6.1CVSS5.9AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 5:22 p.m.19 views

CVE-2026-57956

SigNoz

6.4CVSS5.8AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 5:19 p.m.8 views

EUVD-2026-40166

ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this ...

7.1CVSS5.9AI score0.00231EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 5:19 p.m.12 views

CVE-2026-57949

ruoyi-vue-pro (through 2026.05) contains a missing authorization vulnerability in the CRM module’s GET /admin-api/crm/follow-up-record/get endpoint. The issue allows an authenticated user to read any follow-up record by iterating sequential numeric IDs, exfiltrating follow-up notes, file attachme...

7.1CVSS5.9AI score0.00231EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 5:18 p.m.7 views

EUVD-2026-40164

Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook registration endpoint that allows authenticated users to register internal URLs due to missing SSRF protection. Attackers can trigger alarm threshold breaches to force the server to issue POST requests to...

8.5CVSS5.8AI score0.00239EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 5:18 p.m.15 views

CVE-2026-57947

Pinpoint (through 3.1.0) has a server-side request forgery in the webhook registration endpoint. Authenticated users can register internal URLs due to missing SSRF protection, potentially causing the server to issue POST requests to internal hosts and metadata endpoints, enabling unauthorized acc...

8.5CVSS5.8AI score0.00239EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 5:17 p.m.10 views

CVE-2026-57943

LibrePhotos (before 1.0.0) contains a broken object-level authorization vulnerability in the SetPhotosShared endpoint. An authenticated user can bypass ownership validation and manipulate shared_to relations to grant themselves access to other users’ private photos, effectively reading arbitrary ...

6CVSS5.9AI score0.0021EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 5:17 p.m.33 views

CVE-2026-57943 LibrePhotos < 1.0.0 - Insecure Direct Object Reference in SetPhotosShared Endpoint

LibrePhotos before 1.0.0 contains a broken object level authorization vulnerability in the SetPhotosShared endpoint that allows authenticated users to grant themselves access to other users' private photos by bypassing ownership validation. Attackers can manipulate sharedto relations without prop...

6CVSS0.0021EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/29 5:16 p.m.5 views

CVE-2026-56783 Parseable < 2.9.2 - Cleartext Credential Exposure in Notification Target API

Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including...

7.1CVSS5.8AI score0.00264EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 5:16 p.m.33 views

CVE-2026-56783 Parseable < 2.9.2 - Cleartext Credential Exposure in Notification Target API

Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including...

7.1CVSS0.00264EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 5:16 p.m.13 views

CVE-2026-56783

Parseable

7.1CVSS5.8AI score0.00264EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-527 Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API

Summary A SQL injection vulnerability in FilterEngine.createpostgresquery allows any authenticated Rucio user to execute arbitrary SQL against the configured PostgreSQL metadata database through the DID search endpoint GET /dids//dids/search. When the external metadata plugin postgresmeta is...

9.9CVSS6.7AI score0.00301EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-318 ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command

ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...

9.6CVSS5.8AI score0.00928EPSS
Exploits0References8
CVE
CVE
added 2026/06/27 6:50 a.m.17 views

CVE-2026-11773

CVE-2026-11773 affects the Masteriyo LMS – LMS Course Builder, Quizzes & Certificates WordPress plugin (versions up to 2.2.1). The issue is an authorization bypass where the plugin fails to verify a user’s permission, enabling authenticated attackers with student-level access and above to modify ...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/27 6:50 a.m.38 views

CVE-2026-11987 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Information Disclosure via 'id' Parameter

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 via the 'id' parameter due to missing validation on a user controlled key. This...

4.3CVSS0.00271EPSS
Exploits0References14
NVD
NVD
added 2026/06/27 6:16 a.m.10 views

CVE-2026-10820

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription, allowing any authenticated user Subscriber+ to cancel other...

8.1CVSS0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 12:30 a.m.6 views

EUVD-2026-39924

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS5.9AI score0.00459EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 11:32 p.m.4 views

GHSA-2FP4-5V5C-4448 gonic: Path Traversal in playlist `id` bypasses ownership check, enabling any user to read/delete other users' playlists

Summary The maintainer's recent fix in 6dd71e6a3c966867ef8c900d359a7df75789f410 fixsubsonic: enforce playlist ownership on getPlaylist/deletePlaylist added an ownership check based on playlist.UserID. However, playlist.UserID is derived from the first path segment of the attacker-controlled...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 11:32 p.m.11 views

EUVD-2026-38062

gonic: Path Traversal in playlist id bypasses ownership check, enabling any user to read/delete other users' playlists...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References4
Rows per page
Query Builder