CVE-2026-25903

Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...

Missing Authorization Validation on MLflow MPU Endpoints Leads to Cross-Resource Artifact Overwrite, Model Poisoning, and Cross-Boundary Command Execution on Model Load

Analyzed version: 5af88dc08a54d40dddfc019da9e7f0fd0fcf34e2 git describe: nightly-2300-g5af88dc08, local mlflow.version: 3.10.1.dev0 In --serve-artifacts mode, MLflow exposes MPU endpoints for large-file multipart uploads. However, its authorization logic only covers the /mlflow-artifacts/artifact...

CVE-2026-26368

eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the resetUserPassword JSON-RPC method that allows any authenticated low-privileged user UGUSER to reset the password of arbitrary accounts, including those in the UGADMIN and UGSUPERADMIN groups, without...

CVE-2026-0509

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required SRFC authorization in certain cases. This can result in a high impact on integrity and availability, and no impact on the...

CVE-2026-25806

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do...

CVE-2026-25530

Kanboard (Kanban project management) has a flaw in the getSwimlane API where, prior to version 1.2.50, there is insufficient project-level authorization, allowing authenticated users to read swimlane data from projects they should not access. The issue is resolved in 1.2.50. Affected component: g...

CVE-2026-25530 Kanboard is missing authorization check in getSwimlane API allows cross-project data access

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, the getSwimlane API method lacks project-level authorization, allowing authenticated users to access swimlane data from projects they cannot access. This vulnerability is fixed in 1.2.50...

CVE-2026-1722

CVE-2026-1722 affects WCFM Marketplace – Multivendor Marketplace for WooCommerce (WordPress) versions up to 3.7.0. The root cause is missing authorization checks in the wcfm-refund-requests-form AJAX controller, enabling unauthenticated users to create arbitrary refund requests for any order/item...

CVE-2026-24327

Due to missing authorization check in SAP Strategic Enterprise Management Balanced Scorecard in Business Server Pages, an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or...

CVE-2026-24326

Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...

CVE-2026-24326 Missing authorization check in SAP S/4HANA Defense & Security (Disconnected Operations)

Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...

CVE-2026-24322

CVE-2026-24322 affects the SAP Solution Tools Plug-In (ST-PI). A function module does not perform required authorization checks for authenticated users, enabling disclosure of sensitive information. Impact is confined to confidentiality (high) per the provided metrics (CVSS 3.1: base 7.7, HIGH). ...

CVE-2026-0509

SAP NetWeaver Application Server ABAP and ABAP Platform suffers a vulnerability where an authenticated, low-privilege user can perform background RFCs without S_RFC authorization in certain cases. The issue impacts integrity and availability (high) but not confidentiality. Affected component/func...

PT-2026-7215

SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...

PT-2026-7240

The WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0. This is due to the plugin not implementing authorization checks in the wcfm-refund-requests-form AJAX controller. This...

PT-2026-7225

Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...

CVE-2026-25806

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do...

CVE-2026-25806 PlaciPy has Missing Authorization Checks on Student Management Endpoints (IDOR)

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do...

CVE-2026-25806 PlaciPy has Missing Authorization Checks on Student Management Endpoints (IDOR)

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do...

CVE-2026-25806

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do...