2 matches found
CVE-2026-61740
LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, when LightRAG is deployed with LIGHTRAGAPIKEY set but AUTHACCOUNTS unset, X-API-Key protection can be bypassed because lightrag/api/auth.py falls back to a hardcoded DEFAULTTOKENSECRET, /auth-status and /login can...
The vulnerability of the virtual learning environment Moodle, related to lack of access control, allows a intruder to gain unauthorized access to limited functional capabilities.
The vulnerability in the virtual learning environment Moodle is related to the lack of access control when deleting associated OAuth2 accounts. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to limited functionality...