Lucene search
K

161570 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 11:47 p.m.9 views

CVE-2026-41706 Open Redirect When Using CookieRequestCache

Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...

6.1CVSS5.5AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:47 p.m.26 views

CVE-2026-41706

Spring Security: CookieRequestCache and CookieServerRequestCache store the full absolute pre-authentication URL in a browser cookie and use it as the post-login redirect target without validation. Affected versions include Spring Security 5.7.0–5.7.23; 5.8.0–5.8.25; 6.3.0–6.3.16; 6.4.0–6.4.16; 6....

6.1CVSS5.5AI score0.00211EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 11:44 p.m.34 views

CVE-2026-53675 BuddyPress 14.4.0 Friends List IDOR via REST API

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...

5.3CVSS0.00193EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 11:44 p.m.13 views

CVE-2026-53673 BuddyPress 14.4.0 Private Message IDOR via REST API user_id Parameter

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a userid parameter in the request. Attackers can pass another user's identifier to the...

8.6CVSS5.5AI score0.00294EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:44 p.m.34 views

CVE-2026-53673 BuddyPress 14.4.0 Private Message IDOR via REST API user_id Parameter

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a userid parameter in the request. Attackers can pass another user's identifier to the...

8.6CVSS0.00294EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 11:17 p.m.14 views

CVE-2026-9735

MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...

6.8CVSS0.00119EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 11:17 p.m.9 views

CVE-2026-9742

When OIDC authentication is enabled in configuration, clients may set specific values in the "mechanism" parameter of the "authenticate" command that lead to server crash. The authenticate command is accessible to unauthenticated clients, leading to pre-auth denial-of-service in affected product...

8.2CVSS0.00347EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 11:17 p.m.4 views

UBUNTU-CVE-2026-9735

MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...

6.8CVSS5.3AI score0.00119EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 11:0 p.m.9 views

EUVD-2026-35871

SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an attacker-controll...

8.6CVSS5.5AI score0.00422EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 10:43 p.m.115 views

CVE-2026-9740

Affected software: MongoDB Server. Vulnerability: BSON validation logic allows unauthenticated users to crash mongod via a specially crafted message. The BSON validator’s handling of certain nested binary data structures enables uncontrolled mutual recursion, where each re-entry resets internal d...

8.7CVSS5.5AI score0.00345EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 10:43 p.m.46 views

CVE-2026-9740 Unbounded recursion in BSONColumn interleaved-reference causes pre-auth stack overflow

A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions,...

8.7CVSS0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 10:40 p.m.94 views

CVE-2026-9735

CVE-2026-9735 concerns MongoDB server logging of SASL authentication parameters. The connected documents specify that when connection health metric logging is enabled, full authentication parameters (potentially including credentials) may be written to the server log without redaction. The NVD/NV...

6.8CVSS5.5AI score0.00119EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 10:40 p.m.37 views

CVE-2026-9735 Keyfile contents are in MongoDB Server logs

MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...

6.8CVSS0.00119EPSS
Exploits0References1
MongoDB
MongoDB
added 2026/06/09 10:40 p.m.12 views

Keyfile contents are in MongoDB Server logs

MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...

6.8CVSS5.5AI score0.00119EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 10:30 p.m.46 views

CVE-2026-9753 Server crash via malformed binary diff passed to $_internalApplyOplogUpdate.

The $internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $internalApplyOplogUpdate can be executed by any authenticated user with access to the aggregate command...

8.1CVSS0.00298EPSS
Exploits0References1
MongoDB
MongoDB
added 2026/06/09 10:2 p.m.8 views

Server crashes in case of the use of exchange

When using $changestreams and $requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/09 10:0 p.m.12 views

Pheditor: OS Command Injection in terminal handler via unsanitized 'dir' parameter

Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell metacharacters into the 'dir' POST parameter, completely bypassing the TERMINALCOMMANDS whitelist and achieving full Remote Code Execution...

6.4AI score0.00161EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/06/09 9:59 p.m.5 views

GHSA-833P-95JQ-929Q PhoenixStorybook: Unbounded atom creation from LiveView event params (atom-table DoS)

Summary An attacker who can deliver psb-assign, psb-toggle, psb-set-theme, upper-tab-navigation, lower-tab-navigation, playground-change, or playground-toggle LiveView events to a mounted Phoenix Storybook playground can flood the BEAM atom table with attacker-controlled strings, permanently...

8.2CVSS5.5AI score0.00537EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 9:57 p.m.21 views

CVE-2026-9742

The CVE-2026-9742 entry describes a vulnerability in MongoDB where, when OIDC authentication is enabled, a crafted value in the mechanism parameter of the authenticate command can crash the server. The authenticate command is reachable by unauthenticated clients, enabling pre-auth denial-of-servi...

8.2CVSS5.5AI score0.00347EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/06/09 9:55 p.m.36 views

Exploit for CVE-2026-10520

CVE-2026-10520 and CVE-2026-10523 An Ivanti Sentry Authentica...

10CVSS6.7AI score0.98937EPSS
Exploits5
Rows per page
Query Builder