Lucene search
+L

1305 matches found

Nuclei
Nuclei
added 8 hours ago18 views

MLflow < 3.10.0 - Authentication Bypass on FastAPI Routes

A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to certain FastAPI routes when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authentication on /gateway/...

8.6CVSS8.1AI score0.01502EPSS
Exploits1References2
Nuclei
Nuclei
added 8 hours ago18 views

TOTOLINK/Realtek Routers - CAPTCHA Bypass

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to the boafrm/formLogin URI with the JSON payload "topicurl":"setting/getSanvas". This allows an unauthenticated attacker to bypass CAPTCHA verification, gaining unauthorized access to restricted...

9.8CVSS8.4AI score0.29557EPSS
Exploits3References2
NVD
NVD
added 2 days ago6 views

CVE-2026-56764

Hono before 4.11.10 contains a timing attack vulnerability in the basicAuth and bearerAuth middlewares due to non-constant-time string comparison in the timingSafeEqual function. Attackers can exploit early termination of string equality checks to infer valid credentials through precise timing...

6.3CVSS0.00229EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

CVE-2026-56764 Hono - Timing Attack in basicAuth and bearerAuth Middleware

Hono before 4.11.10 contains a timing attack vulnerability in the basicAuth and bearerAuth middlewares due to non-constant-time string comparison in the timingSafeEqual function. Attackers can exploit early termination of string equality checks to infer valid credentials through precise timing...

6.3CVSS6.1AI score0.00229EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-56764 Hono - Timing Attack in basicAuth and bearerAuth Middleware

Hono before 4.11.10 contains a timing attack vulnerability in the basicAuth and bearerAuth middlewares due to non-constant-time string comparison in the timingSafeEqual function. Attackers can exploit early termination of string equality checks to infer valid credentials through precise timing...

6.3CVSS0.00229EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-44631

Hono before 4.11.10 contains a timing attack vulnerability in the basicAuth and bearerAuth middlewares due to non-constant-time string comparison in the timingSafeEqual function. Attackers can exploit early termination of string equality checks to infer valid credentials through precise timing...

6.3CVSS6.1AI score0.00229EPSS
Exploits0References2
NVD
NVD
added 2026/07/08 8:16 p.m.6 views

CVE-2026-44332

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0, the default Authorizer function in the BasicAuth middleware in middleware/basicauth/config.go uses short-circuit evaluation that skips password hash comparison for non-existent usernames, enabling reliable remote username...

5.3CVSS0.00517EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/07/08 7:32 p.m.49 views

CVE-2026-44332 Fiber: Username Enumeration via Timing Oracle in BasicAuth Default Authorizer

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0, the default Authorizer function in the BasicAuth middleware in middleware/basicauth/config.go uses short-circuit evaluation that skips password hash comparison for non-existent usernames, enabling reliable remote username...

5.3CVSS0.00517EPSS
Exploits1References4
CVE
CVE
added 2026/07/08 7:32 p.m.25 views

CVE-2026-44332

Fiber’s Go-based web framework vulnerability CVE-2026-44332 affects the BasicAuth middleware’s default Authorizer prior to v3.3.0. The issue arises from short-circuit evaluation in the Authorizer: for non-existent usernames, the password hash check is skipped, enabling remote username enumeration...

5.3CVSS6AI score0.00517EPSS
Exploits1References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/07/07 3:13 p.m.9 views

SUSE CVE-2026-54763

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not account for underscore-variant header names, which...

7.5CVSS6AI score0.00256EPSS
Exploits0References3
CVE
CVE
added 2026/07/06 8:33 p.m.46 views

CVE-2026-54763

Traefik (HTTP reverse proxy/load balancer) before versions v2.11.51, v3.6.22, and v3.7.6 allows underscore-variant identity spoofing via BasicAuth, DigestAuth, and ForwardAuth middlewares. These middlewares strip canonical header names but don’t account for underscore-variant headers, letting an ...

10CVSS6AI score0.00256EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:33 p.m.6 views

CVE-2026-54763

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not account for underscore-variant header names, which...

7.8CVSS6AI score0.00256EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/07/06 8:33 p.m.40 views

CVE-2026-54763 Traefik: headerField underscore-variant identity spoofing in BasicAuth / DigestAuth / ForwardAuth

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not account for underscore-variant header names, which...

7.8CVSS0.00256EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/06 9:30 a.m.6 views

EUVD-2026-41863

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS6AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 9:30 a.m.33 views

CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS0.00386EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-56011

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.51 Traefik versions prior to 3.6.22 Traefik versions prior to 3.7.6 Description Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares fail to account for underscore-variant header names when stripping...

10CVSS5.9AI score0.00256EPSS
Exploits0References13
CVE
CVE
added 2026/07/03 8:19 p.m.80 views

CVE-2026-28699

Summary: CVE-2026-28699 affects Gitea up to 1.26.1, where OAuth2 tokens presented via HTTP Basic authentication bypass scope enforcement. Root cause (from connected docs): In services/auth/basic.go, OAuth2 tokens are accepted through the Basic path with LoginMethod and IsApiToken set, but ApiToke...

8.1CVSS7.1AI score0.00566EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.6 views

CVE-2026-28699

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...

8.1CVSS5.8AI score0.00566EPSS
Exploits1References5
OSV
OSV
added 2026/07/03 8:19 p.m.6 views

CVE-2026-28699 Gitea Basic Auth bypasses OAuth2 access token scopes

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...

8.1CVSS7.1AI score0.00566EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.40 views

CVE-2026-28699 Gitea Basic Auth bypasses OAuth2 access token scopes

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...

8.1CVSS0.00566EPSS
Exploits1References4
Rows per page
Query Builder