Lucene search
K

5 matches found

NVD
NVD
added 2026/06/11 6:16 p.m.10 views

CVE-2026-47157

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

6.5CVSS0.00195EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/11 5:18 p.m.24 views

CVE-2026-47157 aiograpi: Unsafe signup challenge path handling

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

6.5CVSS0.00195EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/11 5:18 p.m.11 views

EUVD-2026-36272

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

6.5CVSS5.4AI score0.00195EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/23 12:12 a.m.16 views

instagrapi: Unsafe signup challenge path handling in instagrapi

instagrapi versions before 2.6.9 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. A malicious or tampered challenge payload could cause challenge handling requests to be sent outside the intende...

5.8AI score
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.12 views

PT-2026-42861

Name of the Vulnerable Software and Affected Versions aiograpi versions prior to 0.9.10 Description The software accepts server-supplied signup challenge paths and uses them to construct request URLs without first validating that the paths are relative Instagram API paths. If an attacker influenc...

6.5CVSS5.4AI score0.00195EPSS
Exploits0References9
Rows per page
Query Builder