161746 matches found
CVE-2026-39893 Cacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.php
Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL clause without sanitization. The endpoint does not require authentication graph viewing supports guest access via the configured guest...
CVE-2026-39893
Cacti is affected by a pre-auth SQL injection in versions up to 1.2.30 via the rfilter input concatenated into a RLIKE clause in graph_view.php. The vulnerability could be reached without authentication if graph viewing is enabled for a guest user, making it exploitable pre-auth. The issue has be...
CVE-2026-55454
Appsmith (prior to 2.1) exposes the bundled Caddy admin API without authentication inside the container, bound to 0.0.0.0:2019. Although not exposed to the host via docker-compose, it is reachable from the Appsmith server process and can be targeted via SSRF to issue admin-API calls (e.g., POST /...
CVE-2026-9779 ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The...
CVE-2026-9778
ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-9777
CVE-2026-9777 pertains to ATEN Unizon’s restoreDB function, where inadequate validation of a user-supplied path in file operations enables a Directory Traversal leading to Remote Code Execution . The flaw can execute arbitrary code in the context of SYSTEM and requires authentication to exploit. ...
CVE-2026-9776
ATEN Unizon contains a directory traversal flaw in writeFileToHttpServletResponse that allows remote disclosure of sensitive information without authentication. The issue stems from improper validation of a user-supplied path used in file operations, enabling an attacker to access data in the SYS...
CVE-2026-9775
CVE-2026-9775 concerns ATEN Unizon uploadSSL, where a directory traversal flaw allows an attacker to delete arbitrary files due to improper validation of a user-supplied path in file operations. The vulnerability can result in file deletion or denial-of-service, with authentication required and n...
CVE-2026-9775 ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL...
CVE-2026-9774 ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability
ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-9774
CVE-2026-9774 affects ATEN Unizon via the updateLicense directory traversal, enabling arbitrary file deletion. The flaw stems from insufficient validation of a user-supplied path used in file operations. The vulnerability is exploitable remotely over network with authentication required; impact i...
CVE-2026-9772 Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability
Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...
CVE-2026-9772
Unraid Web Server FileUpload Command Injection (CVE-2026-9772) allows authenticated attackers to execute arbitrary code on affected installations via a crafted FileUpload.php input, executing a system call as www-data. Root cause: insufficient validation of a user-supplied string before a system ...
CVE-2026-46423
Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implementation silently skips both SAML Response and Assertion signature validation when the configured Id...
CVE-2026-1840
The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...
CVE-2026-25119
Gogs is an open source self-hosted Git service. Prior to 0.14.3, when ENABLEREVERSEPROXYAUTHENTICATION is enabled, Gogs accepts the configured authentication header default: X-WEBAUTH-USER directly from client requests without validating that the request originated from a trusted reverse proxy. A...
CVE-2026-55762
Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication authRequired: true but performs no authorization check. Any authenticated user —...
CVE-2026-33543 FOSSBilling: Authentication bypass allows unauthenticated administrator creation
FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...
CVE-2026-33543
FOSSBilling versions 0.7.2 and earlier expose a guest API endpoint /api/guest/staff/create intended for initial admin bootstrap. A flawed admin-existence check (is_countable() used on a Model_Admin object or null) makes the guard always evaluate true, allowing unauthenticated creation of an admin...
CVE-2026-46423
Rocket.Chat prior to versions 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11 contains a SAML SP issue where the verifySignatures routine returns early if serviceProviderOptions.cert is falsy, causing silent skip of SAML Response and Assertion signature validation when the IdP certi...