Lucene search
K

2881 matches found

Cvelist
Cvelist
added 17 hours ago10 views

CVE-2026-12988 WP 2FA < 3.1.1.2 - Account Takeover via 2FA Setup Email Binding

The WP 2FA WordPress plugin before 3.1.1.2 does not verify that the email address supplied during two-factor authentication setup belongs to the user, allowing an attacker who has obtained a user's credentials to redirect the setup verification code to an attacker-controlled email address and tak...

Exploits0References1
CVE
CVE
added 17 hours ago11 views

CVE-2026-12988

The WP 2FA WordPress plugin before 3.1.1.2 does not verify that the email address supplied during two-factor authentication setup belongs to the user, allowing an attacker who has obtained a user's credentials to redirect the setup verification code to an attacker-controlled email address and tak...

6.4CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added 23 hours ago5 views

EUVD-2026-43568

OpenClaw versions before 2026.6.9 contain an authorization bypass vulnerability in the flock wrapper that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can leverage configured input paths to bypass durable exec approval binding and perform...

8.8CVSS6.2AI score
Exploits0References3
NVD
NVD
added 2 days ago7 views

CVE-2026-56241

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

8.3CVSS0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43224

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

8.3CVSS6.1AI score0.00211EPSS
Exploits0References2
CVE
CVE
added 2 days ago16 views

CVE-2026-56241

Capgo (pre-12.128.2) contains a privilege-escalation vulnerability where demoted super_admin users retain access to RPCs delete_non_compliant_bundles and count_non_compliant_bundles due to a stale org_users.user_right value not being cleared when a role binding is deleted. This allows an attacker...

8.3CVSS6.1AI score0.00211EPSS
Exploits0References2
OSV
OSV
added 4 days ago2 views

CVE-2026-57215 RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

7CVSS6.1AI score0.00245EPSS
Exploits1References8
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-57215 RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

7CVSS0.00245EPSS
Exploits1References6
NVD
NVD
added 4 days ago6 views

CVE-2026-55478

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/kitid/licenses checks whether the caller can edit kits but does not authorize access to the referenced license object, allowing a low-privilege user with predefined-kit permissions to bind a license they should n...

5.4CVSS0.00175EPSS
Exploits0References3
Metasploit
Metasploit
added 4 days ago15 views

FTP Fetch, Linux x64 Command Shell, Bind TCP Inline (IPv6)

Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection and spawn a command shell Module Options msf use payload/cmd/linux/ftp/x64/shellbindipv6tcp msf payloadshellbindipv6tcp show actions ...actions... msf payloadshellbindipv6tcp set ACTION msf payloadshellbindipv6tcp...

6.2AI score
Exploits0
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42986

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/kitid/licenses checks whether the caller can edit kits but does not authorize access to the referenced license object, allowing a low-privilege user with predefined-kit permissions to bind a license they should n...

5.4CVSS6.1AI score0.00175EPSS
Exploits0References3
CVE
CVE
added 4 days ago30 views

CVE-2026-55672

Summary (concrete details) : The CVE concerns Zitadel, an open-source identity management platform. The vulnerability occurs in the OAuth2/OIDC CodeExchange and RefreshToken flows (and related device token flow) where verification that the requesting client matches the originally authorized clien...

7.4CVSS6.1AI score0.00276EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-55672 ZITADEL: Missing client_id binding in OIDC authorization code exchange and refresh token flows (RFC 6749 Section 4.1.3 violation)

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's OAuth2 and OIDC CodeExchange, RefreshToken, and device token flows fail to verify that the requesting client matches the client that initiated the authorization flow, allowing intercepted grants or refre...

7.4CVSS0.00276EPSS
Exploits0References5
NVD
NVD
added 4 days ago6 views

CVE-2026-12597

The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via the GitHub OAuth callback in versions up to, and including, 6.2.3. The vulnerability exists in the loginpressongithublogin function, which blindly trusts the first element profile0'email' of the array returned by...

8.1CVSS0.00422EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-57261

Name of the Vulnerable Software and Affected Versions Prowler versions prior to 5.30.3 Description The SAML authentication flow trusts the email domain asserted in a SAMLResponse to determine the recipient tenant of the final token. Additionally, the ACS finish logic in the endpoint...

9.6CVSS6.1AI score0.00296EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-57269

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.2 Description An authorization flaw exists in the IT asset and license management system. The endpoint "/api/v1/kits/kit id/licenses" verifies if the user has permissions to edit kits but fails to authorize acces...

5.4CVSS6.1AI score0.00175EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 4 days ago10 views

Coder < 2.29.17 / 2.30.x < 2.32.7 / 2.33.x < 2.33.8 / 2.34.x < 2.34.2 Multiple Vulnerabilities

The version of Coder installed on the remote host is prior to 2.29.17, 2.32.7, 2.33.8, or 2.34.2. It is, therefore, affected by multiple vulnerabilities: - A user-admin role can reset the owner account password, resulting in privilege escalation from user-admin to owner. CVE-2026-55077 - A...

8.7CVSS6.2AI score0.00615EPSS
Exploits0References14
NVD
NVD
added 5 days ago9 views

CVE-2026-44342

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind used GET requests for state-changing account operations, allowing a...

5.3CVSS0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-44342

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind used GET requests for state-changing account operations, allowing a...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References4Affected Software1
CVE
CVE
added 5 days ago20 views

CVE-2026-44342

CVE-2026-44342 describes a CSRF vulnerability in the New API where GET requests on state-changing endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind could allow an attacker to bind an email or OAuth identity for a logged-in user when session cookies are susceptible to cross-site n...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References3
Rows per page
Query Builder