189 matches found
CVE-2026-34233
CVE-2026-34233 affects CtrlPanel, an open-source billing app. In versions ≤1.1.1, multiple admin controllers expose DataTable endpoints that can be reached via GET and lack any authorization checks. Despite routes living under the /admin/ prefix, the route group middleware does not enforce admin-...
CVE-2026-45371 SiYuan: SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST...
CVE-2026-34264
The CVE concerns SAP Human Capital Management for SAP S/4HANA where during authorization checks the system returns messages that allow an authenticated, low-privilege user to guess and enumerate content beyond their scope. This leads to disclosure of sensitive information (confidentiality impact:...
CVE-2026-40044
Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to missing authentication and authorization checks in the cache server. An attacker can gain unauthorized read and write access by sending requests directly to the exposed service. Remediation Upgrade...
EUVD-2026-20607
kcp's cache server is accessible without authentication or authorization checks...
WordPress plugin WP Blockade 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-30937
megagao production ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert...
CVE-2026-3651
The Build App Online plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.23. This is due to the plugin registering the 'build-app-online-update-vendor-product' AJAX action via wpajaxnopriv without proper authentication checks, capability verificatio...
PT-2026-28517
Name of the Vulnerable Software and Affected Versions srvx versions prior to 0.11.13 Description srvx is a universal server based on web standards. A discrepancy in pathname parsing within srvx's FastURL component allows bypassing middleware on the Node.js adapter. This occurs when a raw HTTP...
Improper Control of Dynamically-Managed Code Resources
Overview graphiti is an Easily build jsonapi.org-compatible APIs Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the Graphiti::Util::ValidationResponseallvalid? method recursively calls model.sendname. An attacker can execute arbitrar...
WordPress plugin Build App Online 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-22182
wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows anonymous users to trigger mass notification emails by exploiting the checkNotificationType function. Attackers can repeatedly call the wpdiscuz-ajax.php endpoint with arbitrary postId and commentid...
WordPress plugin wpDiscuz 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
CVE-2026-31881
Runtipi is a personal homeserver orchestrator. Prior to 4.8.0, an unauthenticated attacker can reset the operator admin password when a password-reset request is active, resulting in full account takeover. The endpoint POST /api/auth/reset-password is exposed without authentication/authorization...
CVE-2026-30926
SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts RoleReader to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint...
CVE-2026-2637
iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks. This issue affects iBoysoft NTFS: 8.0.0...
CVE-2026-28408
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...
CVE-2026-0996
The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI Form Builder module in all versions up to, and including, 6.1.14 due to a combination of missing authorization checks, a leaked nonce, and insufficient input sanitization. The vulnerability allows...
CVE-2025-10753
The OAuth Single Sign On – SSO OAuth Client plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the 'oauthredirect' opti...