289 matches found
PT-2026-52655
Name of the Vulnerable Software and Affected Versions Lemur affected versions not specified Description Passwords are stored in plaintext in the users.password column when a user's password is updated. This occurs because the User model only triggers password hashing during the before insert even...
CVE-2026-56272
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-56272
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-56272
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5 (32 iterations), yielding a higher risk of password hash cracking. The vulnerability allows attackers to crack hashes faster on modern GPUs, potentially compromising all user accounts in a database breach. Affected component is the b...
EUVD-2026-38748
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-56272 Flowise - Insufficient Password Salt Rounds in Bcrypt Hashing
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-45410
TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, the backend performed a bcrypt password comparison before...
CVE-2026-42610
Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user EX: Content Editor with only pages.update permissions can bypass the existing Twig sandbox restrictions by utilizing the grav'accounts' service. Attacker can programmatically load administrative user objects and extra...
CVE-2026-39321
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.8.0-alpha.6 and 8.6.74, he login endpoint response time differs measurably depending on whether the submitted username or email exists in the database. When a user is not found, the...
EUVD-2026-34863
TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on WebRTC ingest endpoint allows unauthenticated stream injection. Version 2.5.0 fixes the issue by requiring either HTTP Basic auth or a ?password= query parameter, comparing the supplied...
CVE-2026-45327
TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on WebRTC ingest endpoint allows unauthenticated stream injection. Version 2.5.0 fixes the issue by requiring either HTTP Basic auth or a ?password= query parameter, comparing the supplied...
CVE-2026-45327 TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection
TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on WebRTC ingest endpoint allows unauthenticated stream injection. Version 2.5.0 fixes the issue by requiring either HTTP Basic auth or a ?password= query parameter, comparing the supplied...
CVE-2026-45327
TinyIce (Go) versions 0.8.95–2.4.1 expose a missing authentication on the WebRTC ingest endpoint POST /webrtc/source-offer?mount=, enabling unauthenticated stream injection. The issue is fixed in v2.5.0 by requiring either HTTP Basic auth or a ?password= query parameter, verifying the supplied pa...
NocoDB: User Enumeration via Sign-In Timing
Summary Sign-in response timing differed between known and unknown email addresses because the unknown-user branch returned without performing a password hash comparison. Details The unknown-user branch in auth.service.ts now performs a bcrypt.compare against a fixed dummy hash so the response ti...
GHSA-JR54-JWHJ-55GP NocoDB: User Enumeration via Sign-In Timing
Summary Sign-in response timing differed between known and unknown email addresses because the unknown-user branch returned without performing a password hash comparison. Details The unknown-user branch in auth.service.ts now performs a bcrypt.compare against a fixed dummy hash so the response ti...
PT-2026-46997
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The shared-view password check used strict-equality === comparison for legacy plaintext passwords. This creates a timing oracle, allowing a network-positioned attacker to leak the password length...
Exploit for CVE-2026-45332
CVE-2026-45332 — Broken Access Control in Automad CMS Proof o...
portswigger-labs
PortSwigger Web Security Academy — Lab Notes Notes from compl...
CVE-2026-45332
Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...
Admidio's CSRF in registration `send_login` mode resets arbitrary user passwords
Summary modules/registration.php mode sendlogin regenerates a random password for useruuidassigned, stores its bcrypt hash in admusers.usrpassword, and emails the cleartext to that user. Every other state-changing mode in the same file assignmember, assignuser, deleteuser, createuser calls...