CVE-2026-36537

ThingsBoard v4.3.0.1 is vulnerable to an authentication bypass during the OAuth authorization code exchange. The application improperly trusts user-supplied identity data within the user parameter of the /login/oauth2/code/ endpoint. By manipulating the email address in this JSON object, a remote...

CVE-2026-48709 OliveTin: ValidateArgumentType API Endpoint Missing Authentication Allows Action and Argument Enumeration

OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, The ValidateArgumentType RPC endpoint in service/internal/api/api.go does not perform any authentication or authorization checks. Unlike all other data-returning API endpoints, it does not cal...

CVE-2026-48709

CVE-2026-48709 affects OliveTin’s ValidateArgumentType RPC endpoint (service/internal/api/api.go). In versions

GHSA-HPJ7-WQ8M-9HGP aiohttp: DigestAuthMiddleware Applies Credentials to Cross-Origin Redirect Challenges

Summary DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. Impact If the client follows a redirect the default option to an attacker controlled domain, the attacker may be able to extract the auth digest. This likely requires an open redirect...

GHSA-G8MR-85JM-7XHM Vitest Browser: Exposed Browser Mode API Can Proxy CDP and Overwrite Config Files, Leading to RCE

Summary Vitest Browser Mode exposes a cdp API that forwards raw Chrome DevTools Protocol CDP methods over the Vitest browser WebSocket RPC. CDP is not gated by browser.api.allowWrite, browser.api.allowExec, api.allowWrite, or api.allowExec. As a result, disabling Browser Mode write and exec...

EUVD-2026-36999

MultiJuicer is used to run separate Juice Shop instances on a central kubernetes cluster without the need for local instances. In versions 8.0.0 through 10.0.0, the team join endpoint POST /multi-juicer/api/teams/team/join accepted requests with any Content-Type, including text/plain. Because tha...

CVE-2026-49952 Discuz! X5.0 Authentication Bypass via dbbak.php Encryption Oracle

Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cryptographic key between UCenter integration and the databa...

CVE-2026-49952

Discuz! X5.0 (versions 20260320–20260501) contains an authentication bypass vulnerability in which an attacker can abuse a shared cryptographic key between UCenter integration and the dbbak.php database backup API. By injecting a crafted payload via the login username, an encryption-oracle path i...

Brute Force Attack

Yamcs Core is vulnerable to Brute Force Attack. The vulnerability is due to the absence of rate limiting, account lockout, and failed login throttling on the /auth/token endpoint, which allows an attacker to perform unlimited password-guessing attempts and conduct brute-force attacks against user...

GHSA-RRJ9-5Q2J-4GVR Symfony: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade

Description Symfony\Component\Mailer\Bridge\Mailomat\Webhook\MailomatRequestParser::validateSignature parses the X-MOM-Webhook-Signature request header as algo=signature and passes the wire-supplied $algo directly to hashhmac when verifying the request against the configured webhook secret. The...

MGASA-2026-0210 Updated putty packages fix security vulnerabilities

ECDSA signature verification can be made to fail an assertion. Server can provoke a double free in RSA KEX code. Telnet session data is marked with trust sigils after authenticating to a proxy. PuTTY Ed25519 Signature ecc-ssh.c eddsaverify signature verification. CVE-2026-4115...

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

CVE-2026-49062

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

CVE-2016-20067

WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in...

EUVD-2026-36725

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

CVE-2026-49062 WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

EUVD-2026-36721

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

CVE-2026-49062 WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

CVE-2026-49062

CVE-2026-49062 concerns the WordPress plugin Faust.js (faustwp)

CVE-2026-49757

Authentication Bypass by Spoofing vulnerability in team-alembic AshAuthentication allows account takeover of local users via OAuth2/OIDC sign-in. AshAuthentication's OAuth2 and OIDC family strategies matched the local user by email address an upsert on the email field, or a user-defined sign-in...