Lucene search
K

100 matches found

EUVD
EUVD
added 2026/05/11 9:9 p.m.10 views

EUVD-2026-29334

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 9:9 p.m.9 views

CVE-2026-43890 Outline: IDOR in subscriptions.create allows cross-tenant subscription on private documents (sibling of GHSA-23jj-rp48-w7q7)

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References1
OSV
OSV
added 2026/05/09 1:16 a.m.4 views

DEBIAN-CVE-2026-6667

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References1
OSV
OSV
added 2026/05/08 8:1 p.m.7 views

GHSA-HMGR-67HW-J2CQ Open WebUI: Deactivated Channel Members Retain Full Access to Group/DM Channels

Deactivated Channel Members Retain Full Access to Group/DM Channels Affected Component Channel membership authorization check: - backend/openwebui/models/channels.py lines 663-673, isuserchannelmember - Used at 15 locations in backend/openwebui/routers/channels.py Affected Versions Current main...

5.4CVSS5.8AI score0.00178EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39278

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description In the self-hosted artificial intelligence platform Open WebUI, the is user channel member function fails to verify the is active field when checking channel membership. When a user is removed fro...

5.4CVSS5.8AI score0.00178EPSS
Exploits1References7
OSV
OSV
added 2026/04/25 11:49 p.m.4 views

GHSA-XRQ9-JM7V-G9H7 OpenClaw: Paired-device pairing actions were not limited to the caller device

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact A paired device session with limited pairing scope could enumerate global pairing state and act on pairing requests that belonged to another device within the same gateway scope...

2.3CVSS5.8AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 11:19 p.m.4 views

CVE-2026-29197

In versions 8.4.0, 8.3.2, 8.2.2, 8.1.3, 8.0.4, 7.13.6, 7.12.7, 7.11.7, and 7.10.10, the endpoints /api/apps/logs and /api/apps/:id/logs have a typo in the required permission check, allowing authenticated users without the proper permissions to read apps-engine logs...

5.8AI score0.00182EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 11:41 p.m.5 views

CVE-2026-41133

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...

8.8CVSS5.7AI score0.00325EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/04/21 11:41 p.m.6 views

EUVD-2026-24574

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...

8.8CVSS5.7AI score0.00325EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/20 11:3 p.m.27 views

CVE-2026-34082 Dify has IDOR in deleting someone else's chat conversation

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

5.3CVSS0.00188EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/18 12:7 a.m.9 views

EUVD-2026-23632

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can access the user-management endpoints /settings/users and use them to enumerate all users and create a new administrator account. This happens because the route...

8.8CVSS5.7AI score0.00441EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/18 12:5 a.m.6 views

EUVD-2026-23619

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate their own account to administrator by sending isAdmin=true to PUT /settings/users/userId for their own user ID. The endpoint is intended to let a user ed...

8.8CVSS5.8AI score0.0053EPSS
Exploits1References4
OSV
OSV
added 2026/04/13 6:9 a.m.3 views

BIT-GITLAB-2026-2619 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authenticated user with auditor privileges to modify vulnerability flag data in private projects due to...

4.3CVSS5.8AI score0.00333EPSS
Exploits0References4
OSV
OSV
added 2026/04/10 7:32 p.m.3 views

GHSA-VW86-C94W-V3X4 SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView`

Summary The endpoint /api/av/removeUnusedAttributeView is vulnerable to a path traversal CWE-22 that allows an attacker to delete arbitrary .json files on the server. The issue arises because user-controlled input id is directly used in filesystem path construction without validation or...

8.5CVSS6AI score0.00287EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/10 7:32 p.m.7 views

SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView`

Summary The endpoint /api/av/removeUnusedAttributeView is vulnerable to a path traversal CWE-22 that allows an attacker to delete arbitrary .json files on the server. The issue arises because user-controlled input id is directly used in filesystem path construction without validation or...

8.5CVSS6AI score0.00287EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/09 12:32 a.m.3 views

EUVD-2026-20799

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authenticated user with auditor privileges to modify vulnerability flag data in private projects due to...

4.3CVSS5.9AI score0.00333EPSS
Exploits0References4
OSV
OSV
added 2026/04/07 6:15 p.m.8 views

GHSA-5HFF-46VH-RXMW OpenClaw: Read-scoped identity-bearing HTTP clients could kill sessions via /sessions/:sessionKey/kill

Summary Before OpenClaw 2026.4.2, POST /sessions/:sessionKey/kill did not enforce write scopes in identity-bearing HTTP modes. A caller limited to read-only operator scopes could still terminate a running subagent session. Impact A read-scoped caller could perform a write-class control-plane...

5.4CVSS5.8AI score0.00187EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/26 9:34 p.m.2 views

Incorrect Authorization

Overview @openclaw/nextcloud-talk is an OpenClaw Nextcloud Talk channel plugin Affected versions of this package are vulnerable to Incorrect Authorization in the room authorization process. An attacker can gain unauthorized access to rooms with similar names by exploiting the matching logic that...

5.4CVSS5.9AI score0.00241EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/26 9:31 p.m.7 views

EUVD-2026-16391

Incorrect Authorization vulnerability in Drupal AI Artificial Intelligence allows Resource Injection.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12...

5.8AI score0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/03/26 5:16 p.m.3 views

CVE-2026-33470

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In version 0.17.0, a low-privilege authenticated user restricted to one camera can access snapshots from other cameras. This is possible through a chain of two authorization problems: /api/timeline return...

6.5CVSS0.00305EPSS
Exploits1References1
Rows per page
Query Builder