
161699 matches found

CVE
added 2026/06/25 7:09 p.m., 12 views

CVE-2026-57521

Bitwarden Server (pre-2026.5.0) has a broken access control in PreviewInvoiceController: any authenticated user can supply an arbitrary organizationId to access that organization’s billing data without membership checks. The issue stems from the missing ManageOrganizationBillingRequirement on the...

CVSS 5.3 | AI score 6 | EPSS 0.00211
Exploits 1 | References 5 | Affected software 1
RedhatCVE
added 2026/06/25 6:49 p.m., 5 views

CVE-2026-48020

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. This vulnerability exists in the StripPrefix middleware, allowing an unauthenticated attacker to bypass route-level authentication and authorization. By crafting a request path containing '..' or its percent-encoded form, an...

CVSS 10 | AI score 5.7 | EPSS 0.00591
Exploits 2 | References 7
EUVD
added 2026/06/25 6:45 p.m., 7 views

EUVD-2026-38392

Filament: Multi-factor authentication app recovery codes can still be used multiple times via concurrent submission...

CVSS 7.4 | AI score 5.8 | EPSS 0.00193
Exploits 0 | References 2
RedhatCVE
added 2026/06/25 6:38 p.m., 5 views

CVE-2026-52845

A flaw was found in Caddy, an extensible server platform. A remote attacker can exploit a vulnerability in the forwardauth copyheaders functionality. This occurs because Caddy normalizes HTTP headers into Common Gateway Interface (CGI) variables by replacing hyphens with underscores, allowing a...

CVSS 8.1 | AI score 5.9 | EPSS 0.00246
Exploits 1 | References 4
RedhatCVE
added 2026/06/25 6:38 p.m., 4 views

CVE-2026-49980

A flaw was found in Rclone, a command-line program for cloud storage synchronization. When the rcd --rc-serve option is enabled, an unauthenticated remote attacker can send specially crafted GET or HEAD requests to execute arbitrary commands as the Rclone process user. This vulnerability allows f...

CVSS 9.8 | AI score 6.5 | EPSS 0.00701
Exploits 0 | References 4
RedHat Linux
added 2026/06/25 6:37 p.m., 6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutls_pkcs11_token_set_pin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

CVSS 6.6 | AI score 5.7 | EPSS 0.0015
Exploits 0 | References 6
RedHat Linux
added 2026/06/25 6:37 p.m., 5 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

CVSS 9.8 | AI score 5.8 | EPSS 0.0105
Exploits 0 | References 5
OSV
added 2026/06/25 6:26 p.m., 3 views

GO-2026-5163 Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication in github.com/traefik/traefik

Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication in github.com/traefik/traefik...

CVSS 10 | AI score 5.8 | EPSS 0.00267
Exploits 1 | References 5
OSV
added 2026/06/25 6:26 p.m., 4 views

GO-2026-5149 Traefik: Pre-authentication decision bypass due to forwarded alias spoofing in github.com/traefik/traefik

Traefik: Pre-authentication decision bypass due to forwarded alias spoofing in github.com/traefik/traefik...

CVSS 10 | AI score 5.8 | EPSS 0.00479
Exploits 1 | References 5
RedhatCVE
added 2026/06/25 6:17 p.m., 6 views

CVE-2026-53004

A flaw was found in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. An unprivileged local user could exploit an out-of-bounds write vulnerability in the sctp_getsockopt_peer_auth_chunks function. This occurs due to an incorrect size check, allowing the kernel to write pas...

CVSS 5.5 | AI score 6 | EPSS 0.00176
Exploits 0 | References 4
CVE
added 2026/06/25 6:05 p.m., 11 views

CVE-2026-56768

Vulnerability summary (CVE-2026-56768) Seahub versions before 13.0.23 fail to enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated access when a folder share-link token is present. An attacker can call the GET endpoint to obtain a fileserver zip token ...

CVSS 8.8 | AI score 5.9 | EPSS 0.00381
Exploits 0 | References 5
EUVD
added 2026/06/25 6:01 p.m., 6 views

EUVD-2026-39515

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

CVSS 8.8 | AI score 6.8 | EPSS 0.00474
Exploits 0 | References 2
CVE
added 2026/06/25 6:01 p.m., 11 views

CVE-2026-56766

Hydra before 9.7 contains a stack buffer overflow in the NTLM authentication handler used by SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing crafted NTLM Type-2 challenges. A malicious server can send a long domain in NTLM Type-2, overflowing a 500-byte st...

CVSS 8.8 | AI score 6.8 | EPSS 0.00474
Exploits 0 | References 2
Cvelist
added 2026/06/25 5:49 p.m., 29 views

CVE-2026-54088 File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, the Hook Authentication feature in File Browser allows administrators to delegate login verification to an external shell command. User-supplie...

CVSS 9.3 | EPSS 0.00533
Exploits 0 | References 1
CVE
added 2026/06/25 5:49 p.m., 16 views

CVE-2026-54088

File Browser (web UI) before version 2.63.6 is affected by a pre-authentication RCE. The Hook Authentication feature interpolates user-supplied credentials into a shell command using os.Expand without sanitization, enabling unauthenticated remote attackers to inject shell metacharacters in the lo...

CVSS 9.3 | AI score 6.3 | EPSS 0.00533
Exploits 0 | References 1
Cvelist
added 2026/06/25 5:46 p.m., 29 views

CVE-2026-54089 File Browser: Authentication Bypass via Proxy Auth Header Forgery

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting with 2.0.0-rc.1, when FileBrowser is configured with proxy authentication (auth.method=proxy), any unauthenticated attacker who can reach the server...

CVSS 9.1 | EPSS 0.00337
Exploits 0 | References 3
CVE
added 2026/06/25 5:46 p.m., 7 views

CVE-2026-54089

CVE-2026-54089 impacts File Browser when configured with proxy authentication (auth.method=proxy). The issue allows an unauthenticated attacker who can reach the server to impersonate any user—including an administrator—by sending a single forged HTTP header. No credentials are required. Addition...

CVSS 9.1 | AI score 5.8 | EPSS 0.00337
Exploits 0 | References 3
RedHat Linux
added 2026/06/25 5:36 p.m., 4 views

keycloak: org.keycloak/keycloak-services: Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

CVSS 4.3 | AI score 5.8 | EPSS 0.00392
Exploits 0 | References 4
NVD
added 2026/06/25 5:16 p.m., 11 views

CVE-2026-54040

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring any TOTP token or existing backup code verification. An attacker with a stolen session token can...

CVSS 7.1 | EPSS 0.0015
Exploits 1 | References 1
NVD
added 2026/06/25 5:16 p.m., 7 views

CVE-2026-54573

Outline is a service that allows for collaborative documentation. Prior to 1.8.0, the AuthenticationHelper.canAccess function uses ctx.originalUrl to verify if an API key or OAuth token has the required scopes for a request. It extracts the resource by splitting the URL by / and taking the last...

CVSS 5.3 | EPSS 0.00285
Exploits 0 | References 1