Lucene search
K

1348 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 11:44 p.m.8 views

CVE-2026-53675 BuddyPress 14.4.0 Friends List IDOR via REST API

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...

5.3CVSS5.6AI score0.00193EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/08 11:35 p.m.14 views

nebula-mesh: GET /api/v1/audit-log discloses all entries to any operator

internal/api/audit.go:12 — handleGetAuditLog does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via store.ListAuditEntries up to limit=1000. This includes cross-tenant actor names, host/CA/operator IDs, action timestamps, and masked-IP entrie...

5.5AI score0.00043EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iowqremovepending function in iowq. This function does not check whether the predecessor has...

7.8CVSS5.2AI score0.00138EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/06 3:28 a.m.10 views

CVE-2026-8839

The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.96.6. This is due to missing ownership verification in the REST API routes registered via MappressApi::restapiinit, where the GET...

5.3CVSS5.5AI score0.00813EPSS
Exploits0References25
Cvelist
Cvelist
added 2026/06/06 3:28 a.m.41 views

CVE-2026-8839 MapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API Endpoints

The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.96.6. This is due to missing ownership verification in the REST API routes registered via MappressApi::restapiinit, where the GET...

5.3CVSS0.00813EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.14 views

PT-2026-47142

Name of the Vulnerable Software and Affected Versions MapPress Maps for WordPress versions prior to 2.96.7 Description An authorization bypass exists due to missing ownership verification in REST API routes registered via the Mappress Api::rest api init function. The GET...

5.3CVSS5.5AI score0.00813EPSS
Exploits0References28
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.10 views

CVE-2026-8454

Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...

5.3CVSS5.7AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-1930

The Emailchef plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pageoptionsajaxdisconnect function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS5.5AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-40592

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the undo-send route GET /conversation/undo-reply/threadid checks only whether the current user can view the parent conversation. It does not verify that the current user created the reply being undone. In a...

5.9CVSS5.5AI score0.00238EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.8 views

CVE-2026-29204

Insufficient ownership check in clientarea.php allows an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's account...

9.1CVSS5.5AI score0.00319EPSS
Exploits1References1
OSV
OSV
added 2026/06/05 4:28 p.m.7 views

GHSA-7P8G-6C6G-H9W7 praisonai-platform: Agent endpoints accept any agent_id without workspace ownership check, cross-workspace read/update/delete IDOR

Summary Type: Insecure Direct Object Reference. The agent CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/agents/agentid gate access on requireworkspacememberworkspaceid only, then resolve agentid through AgentService.getagentid which is a primary-key lookup with no workspace...

8.3CVSS5.5AI score0.00043EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 4:22 p.m.8 views

GHSA-XXPJ-Q764-9R6Q NocoDB: Missing Ownership Check in MCP Attachment Read

Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. Details The MCP readAttachment tool accepts...

2.3CVSS5.5AI score0.00209EPSS
Exploits0References3
Redos
Redos
added 2026/06/05 12:0 a.m.9 views

ROS-20260605-73-0083

The vulnerability in Firefox is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

9.8CVSS5.5AI score0.00424EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.7 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

5.8AI score0.00328EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/04 12:0 a.m.11 views

EUVD-2026-34317

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 12:31 a.m.15 views

EUVD-2026-33801

In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00067EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 10:16 p.m.16 views

CVE-2026-0086

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.8CVSS0.00075EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:14 p.m.10 views

CVE-2026-0086

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00075EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.37 views

CVE-2026-0086

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00075EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.32 views

CVE-2025-26418

In setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypass the user dialog when adding an account to a managed device due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...

0.00068EPSS
Exploits0References1
Rows per page
Query Builder