70998 matches found

Source: NVD

CVE-2026-54006

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/eventid/update validates that the caller has write access to the calendar the event currently belongs to, but does not validate the destination calendar...

CVSS 4.3 | EPSS 0.00179
Exploits: 1 | References: 1
Source: OSV

DEBIAN-CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

CVSS 3.8 | AI score 5.9 | EPSS 0.00144
Exploits: 1 | References: 1
Source: NVD

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

CVSS 5.4 | EPSS 0.00144
Exploits: 1 | References: 1
Source: Debian CVE

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

CVSS 5.4 | AI score 5.8 | EPSS 0.00144
Exploits: 1
Source: Cvelist

CVE-2026-45692 Caddy: Remote Admin Authorization Bypass in `/config` API via Array Index Normalization

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

CVSS 5.4 | EPSS 0.00144
Exploits: 1 | References: 1
Source: AlpineLinux

CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

CVSS 5.4 | AI score 5.9 | EPSS 0.00144
Exploits: 1
Source: CVE

CVE-2026-45692

CVE-2026-45692 (Caddy) describes a remote admin authorization bypass where the /config traversal layer and the authorization layer disagree on the target object. Specifically, from 2.4.0 through 2.11.3, an authorized path such as /config/apps/http/servers/srv/routes/0 could be used to access or m...

CVSS 5.4 | AI score 5.8 | EPSS 0.00144
Exploits: 1 | References: 1 | Affected Software: 1
Source: CVE

CVE-2026-52844

CVE-2026-52844 describes a Windows-specific path handling bug in Caddy prior to 2.11.4 where path matchers do not normalize backslashes, causing a request like /private%5csecret.txt to bypass path-scoped auth and reach the protected file, e.g., /private/*, through file_server. The issue is exploi...

CVSS 7.5 | AI score 5.9 | EPSS 0.00396
Exploits: 1 | References: 1 | Affected Software: 1
Source: OSV

GHSA-744X-3838-5R56 Gogs Vulnerable to Unauthenticated Organization Teams Information Disclosure via API

Summary: Gogs has an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint at internal/route/api/v1/orgteam.go:8 returns all teams for any organization without requiring authentication. The route group at internal/route/api/v1/api.go:380-385 lacks the...

CVSS 6.9 | AI score 5.8 | EPSS 0.01553
Exploits: 0 | References: 5
Source: OSV

GHSA-WMFG-5P4H-5FW3 Gogs allows users to write to readonly repositories using receive-pack + service=git-upload-pack confusion

Summary: Git smart HTTP authorizes POST …/git-receive-pack using the client-supplied service query string, so ?service=git-upload-pack is evaluated as read access while routing still runs git receive-pack, allowing push where only read should be allowed. Details: Gogs' Git Smart HTTP handler for...

CVSS 7.1 | AI score 6.1 | EPSS 0.00427
Exploits: 0 | References: 5
Source: Cvelist

CVE-2026-54006 Open WebUI: Calendar event re-parenting allows writing events into another user's calendar

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/eventid/update validates that the caller has write access to the calendar the event currently belongs to, but does not validate the destination calendar...

CVSS 4.3 | EPSS 0.00179
Exploits: 1 | References: 1
Source: CVE

CVE-2026-54006

Open WebUI prior to version 0.9.6 is vulnerable to an IDOR in the calendar events update endpoint. The vulnerability arises because POST /api/v1/calendars/events/{event_id}/update validates write access to the source calendar but does not validate the destination calendar_id in the request body, ...

CVSS 4.3 | AI score 5.9 | EPSS 0.00179
Exploits: 1 | References: 1 | Affected Software: 1
Source: CVE

CVE-2026-54008

Summary of CVE-2026-54008 (Open WebUI): The vulnerable code path in backend/open_webui/utils/oauth.py::_process_picture_url validates only the initial picture_url and then fetches it with aiohttp (session.get) using default redirect-follow behavior. This enables an attacker with a valid OAuth Id...

CVSS 8.5 | AI score 5.9 | EPSS 0.00203
Exploits: 1 | References: 1 | Affected Software: 1
Source: Patchstack

WordPress Generate Security.txt plugin <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion vulnerability

Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Generate Security.txt versions <= 1.0.12...

CVSS 4.3 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 1 | Affected Software: 1
Source: Patchstack

WordPress Devs Accounting – Simple Accounting and Invoicing Solution plugin <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by jamaal in WordPress Plugin Devs Accounting – Simple Accounting and Invoicing Solution versions <= 1.2.0...

CVSS 5.3 | AI score 5.8 | EPSS 0.00348
Exploits: 0 | References: 1 | Affected Software: 1
Source: Patchstack

WordPress 24liveblog – live blog tool plugin <= 2.2 - Missing Authorization to Authenticated (Author+) Settings Modification vulnerability

Missing Authorization to Authenticated (Author+) Settings Modification vulnerability discovered by g0wthr in WordPress Plugin 24liveblog – live blog tool versions <= 2.2...

CVSS 4.3 | AI score 5.8 | EPSS 0.00215
Exploits: 0 | References: 1 | Affected Software: 1
Source: Patchstack

WordPress RentMy Real-Time Rental Management Plugin plugin <= 4.0.4.1 - Missing Authorization to Unauthenticated Settings Update vulnerability

Missing Authorization to Unauthenticated Settings Update vulnerability discovered by Legion Hunter in WordPress Plugin RentMy Real-Time Rental Management Plugin versions <= 4.0.4.1...

CVSS 5.3 | AI score 5.8 | EPSS 0.00255
Exploits: 0 | References: 1 | Affected Software: 1
Source: CVE

CVE-2026-54022

Summary (grounded in provided sources): Open WebUI prior to version 0.8.11 has a logic bug in the ydoc:document:join handler: authorization is only enforced for document IDs starting with the prefix note:. The YdocManager stores documents using a normalized key where colons are replaced with unde...

CVSS 5.3 | AI score 5.9 | EPSS 0.00268
Exploits: 1 | References: 1 | Affected Software: 1
Source: Patchstack

WordPress Assistio plugin <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion vulnerability

Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Assistio versions <= 1.1.2...

CVSS 4.3 | AI score 5.8 | EPSS 0.00238
Exploits: 0 | References: 1 | Affected Software: 1
Source: Patchstack

WordPress Secufor_OAuth plugin <= 1.0.7 - Missing Authorization to Unauthenticated Account Logout vulnerability

Missing Authorization to Unauthenticated Account Logout vulnerability discovered by SHIVAM KUMAR in WordPress Plugin SecuforOAuth versions <= 1.0.7...

CVSS 5.3 | AI score 5.8 | EPSS 0.00295
Exploits: 0 | References: 1 | Affected Software: 1