108 matches found
CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...
CVE-2026-46424
Budibase vulnerability CVE-2026-46424 affects versions before 3.38.2. The public API endpoint POST /api/public/v1/roles/unassign updates CouchDB user documents but does not invalidate the Redis cache entries used by authentication middleware, so revoked admin/builder/app roles may persist up to 1...
EUVD-2026-32597
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...
EUVD-2026-32228
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...
CVE-2026-45944
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...
UBUNTU-CVE-2026-45894
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down PASID entry The Intel VT-d Scalable Mode PASID table entry consists of 512 bits 64 bytes. When tearing down an entry, the current implementation zeros the entire 64-byte structure...
CVE-2026-45944 iommu/vt-d: Clear Present bit before tearing down context entry
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...
Budibase 安全漏洞
Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.38.2 contained security vulnerabilities. These vulnerabilities stemmed from the failure to...
Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour
Summary The public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user identity and permissions from this cache TTL: 3600 seconds...
GHSA-6VP2-6R7M-2JVX Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour
Summary The public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user identity and permissions from this cache TTL: 3600 seconds...
PT-2026-42049
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.38.2 Description The public API role unassignment endpoint "/api/public/v1/roles/unassign" updates user documents in CouchDB but fails to invalidate the corresponding Redis user cache entries. Because the...
CentOS 9 : kernel-5.14.0-704.el9
"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-704.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series Fix stale...
GHSA-PJ6Q-4VQ4-R8CG Ech0 allows PUT /api/echo/like/:id unauthenticated: anonymous callers to modify any echo's fav_count
Summary PUT /api/echo/like/:id at internal/router/echo.go:12 is registered on PublicRouterGroup with no authentication and no rate limit. Anonymous callers increment the favcount counter on any echo including private echoes by UUID, repeat the request without deduplication, and trigger a database...
Ech0 allows PUT /api/echo/like/:id unauthenticated: anonymous callers to modify any echo's fav_count
Summary PUT /api/echo/like/:id at internal/router/echo.go:12 is registered on PublicRouterGroup with no authentication and no rate limit. Anonymous callers increment the favcount counter on any echo including private echoes by UUID, repeat the request without deduplication, and trigger a database...
GHSA-258C-965C-P3HC Daptin's Session Management Vulnerability Leads to Insufficient Session Expiration After Password Change
Summary A session invalidation vulnerability exists in daptin's authentication system where JSON Web Tokens JWTs remain fully valid after a user changes their password. The JWT validation middleware CheckJWT only verifies token signature, expiry, issuer, and signing algorithm — it does not check...
GHSA-JW8G-5J46-44RP AVideo: CSRF in userSavePhoto.php Allows Cross-Origin Overwrite of Authenticated Users' Profile Photos with Arbitrary Content
Summary objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not end in .json.php, so it is excluded from the project's global autoCSRFGuard...
Cross-site Request Forgery (CSRF)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the userSavePhoto.php process. An attacker can overwrite authenticated users' profile photos with arbitrary content and trigger...
PT-2026-37293
Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.0 Description A Cross-Site Request Forgery CSRF issue exists in the legacy profile-photo endpoint "objects/userSavePhoto.php". The endpoint accepts a base64 POST parameter imgBase64 and writes the decoded bytes...
EUVD-2026-24496
The Data Sharing Framework DSF implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, The OIDC JWKS and Metadata Document caches used an inverted time comparison isBefore instead of isAfter, causing the cache to never return cached values. Every...
CVE-2026-40942 DSF: Inverted Time Comparison in OIDC JWKS and Token Cache
The Data Sharing Framework DSF implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, The OIDC JWKS and Metadata Document caches used an inverted time comparison isBefore instead of isAfter, causing the cache to never return cached values. Every...