Lucene search
+L

3116 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.14 views

CVE-2026-27393

Missing Authorization vulnerability in Tobias CF7 WOW Styler allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 WOW Styler: from n/a through 1.7.6...

5.3CVSS5.4AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.12 views

CVE-2026-48971

Missing Authorization vulnerability in WebToffee Product Import Export for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Import Export for WooCommerce: from n/a through 2.5.6...

4.3CVSS5.4AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS5.5AI score0.0027EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.15 views

CVE-2026-42753

Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Membership: from n/a through = 2.11.10...

7.3CVSS5.4AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.11 views

CVE-2026-46823

Vulnerability in the Oracle Public Sector Financials International product of Oracle E-Business Suite component: Authorization. Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Orac...

7.7CVSS5.5AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

CollegeManagementSystem 授权问题漏洞

CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. There are authorization issues in CollegeManagementSystem; these vulnerabilities stem from improper handling of the UserAuthData parameter in the...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

CollegeManagementSystem 授权问题漏洞

CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. There are authorization issues in CollegeManagementSystem; these issues stem from improper handling of the UserAuthData parameter in the sessionstart functio...

7.5CVSS6.4AI score0.00232EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Linqi 安全漏洞

Linqi is an English speaking practice platform developed by the German company Linqi. The platform combines human language interaction with AI feedback. Linqi has a security vulnerability, which stems from the lack of authorized checks. As a result, any authenticated user can read and write...

7.1CVSS5.3AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

SourceCodester Ship Ferry Ticket Reservation System 授权问题漏洞

The SourceCodester Ship Ferry Ticket Reservation System is an open-source booking system developed by SourceCodester. Version 1.0 of the SourceCodester Ship Ferry Ticket Reservation System has a vulnerability related to authorization issues. This vulnerability arises from improper handling of the...

6.5CVSS6.4AI score0.0027EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Iris 授权问题漏洞

Iris is an open-source fast, simple, yet fully functional and highly efficient Go network framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 had an authorization issue vulnerability. This vulnerability stemmed from the GraphQL endpoints not enforcing authorization checks, which...

7.1CVSS5.3AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2026/06/03 11:16 a.m.13 views

CVE-2025-14774

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

7.4CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 9:48 a.m.24 views

CVE-2025-14774

ABB T-MAC Plus 4.0-24 is affected by an Incorrect Authorization vulnerability. The CVSS metrics indicate adjacent access with low attack complexity and no user interaction, but no exploitable details or patch information are provided in the documents. Impact is reported as HIGH for integrity and ...

7.4CVSS5.8AI score0.0018EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Student-Management-System 授权问题漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability related to authorization in Student-Management-System, which stems from unknown functions of the Administrative Backend component in the admin/config.php file. This...

7.5CVSS7.3AI score0.00405EPSS
Exploits0References6
NVD
NVD
added 2026/06/02 2:16 p.m.16 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS0.00165EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 12:16 p.m.17 views

CVE-2026-42669

Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventPrime: from n/a through 4.3.2.0...

7.5CVSS0.00202EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45734

Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...

5.8AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

WordPress plugin Crew HRM 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.5AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Hermes Agent 授权问题漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.23 contained an authorization vulnerability. This vulnerability stemmed from issues with the syncanthropicentryfromcredentialsfile function in the Credential...

5.3CVSS5.3AI score0.0014EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Student-Management-System 授权问题漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in the student-management-system’s authorization mechanism; this vulnerability stems from improper authentication of unknown functions, which may lead to remote attac...

7.5CVSS5.4AI score0.00498EPSS
Exploits0References12
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.15 views

WordPress JTL-Connector for WooCommerce plugin <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Settings Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Modification vulnerability discovered by Muhan Luo - Security Innovation in WordPress Plugin JTL-Connector for WooCommerce versions = 2.4.1...

4.3CVSS5.8AI score0.00198EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder