Lucene search
K

215 matches found

CVE
CVE
added 2026/05/27 3:3 p.m.165 views

CVE-2026-44838

RabbitMQ MQTT plugin contains a permission bypass vulnerability: topic-level authorization uses user-supplied client_id substituted into a regex pattern without escaping. From 4.2.0 up to before 4.2.4, an authenticated MQTT user could inject regex operators to bypass topic restrictions. The issue...

8.1CVSS5.8AI score0.0025EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/18 4:16 p.m.19 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

7.5CVSS0.00278EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/18 12:0 a.m.42 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 5:30 p.m.36 views

CVE-2026-42092 Global Settings Publication Exposes Sensitive Configuration to Any Authenticated User in Titra

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 5:30 p.m.13 views

EUVD-2026-27069

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 5:30 p.m.9 views

CVE-2026-42092 Global Settings Publication Exposes Sensitive Configuration to Any Authenticated User in Titra

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 12:25 p.m.31 views

CVE-2026-5367 Ovn: ovn: information disclosure via crafted dhcpv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS0.00868EPSS
Exploits0References11
CVE
CVE
added 2026/04/24 12:25 p.m.20 views

CVE-2026-5367

CVE-2026-5367 : A flaw in OVN (Open Virtual Network) allows a remote attacker to trigger an out-of-bounds read in ovn-controller by sending crafted DHCPv6 SOLICIT packets with an inflated Client ID length. This can disclose sensitive heap memory to the attacker’s VM port. Connected sources consis...

8.6CVSS5.2AI score0.00868EPSS
Exploits0References14
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:25 p.m.4 views

CVE-2026-5367

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References12
Snyk
Snyk
added 2026/04/22 5:6 p.m.5 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication due to the SkipClientIDCheck configuration in the OIDC authentication provider, which disables audience claim validation. An attacker can gain unauthorized access by presenting a token issued for a different...

9.2CVSS5.5AI score0.00255EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 9:18 p.m.6 views

CVE-2026-40946

Oxia is a metadata store and coordination system. Prior to 0.16.2, the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience aud claim validation at the library level. This allows tokens issued for unrelate...

9.2CVSS5.7AI score0.00255EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/20 12:0 a.m.10 views

UBUNTU-CVE-2026-5367

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.8AI score0.00868EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.10 views

PT-2026-33836

Name of the Vulnerable Software and Affected Versions OVN affected versions not specified Description A flaw in OVN Open Virtual Network allows a remote attacker to cause the ovn-controller to perform an out-of-bounds read by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6...

8.6CVSS5.2AI score0.00868EPSS
Exploits0References44
EUVD
EUVD
added 2026/04/17 12:31 a.m.5 views

EUVD-2024-55551

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

4.3CVSS5.8AI score0.00168EPSS
Exploits0References3
CVE
CVE
added 2026/04/16 10:27 p.m.8 views

CVE-2024-58343

CVE-2024-58343 affects Vision Helpdesk versions prior to 5.7.0, with a patch available in 5.6.10. The issue allows attackers to read user profiles by tampering serialized cookie data in vis_client_id. The CVSS v3.1 base score is 4.3 (MEDIUM) with network attack vector, low attack complexity, and ...

4.3CVSS5.8AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/16 10:27 p.m.19 views

CVE-2024-58343

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

4.3CVSS0.00168EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.10 views

PT-2026-33372

CVE-2024-58343 Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to vis client id. https://t.co/8Cf7DKLrcr...

4.3CVSS5.8AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/04/14 11:14 p.m.7 views

GHSA-FHVP-9HCJ-6M33 Oxia has an OIDC token audience validation bypass via SkipClientIDCheck

Summary The OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience aud claim validation at the library level. This allows tokens issued for unrelated services by the same OIDC issuer to be accepted by Oxia...

9.3CVSS5.8AI score0.00255EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/14 11:14 p.m.8 views

Oxia has an OIDC token audience validation bypass via SkipClientIDCheck

Summary The OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience aud claim validation at the library level. This allows tokens issued for unrelated services by the same OIDC issuer to be accepted by Oxia...

9.2CVSS5.8AI score0.00255EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/28 12:25 a.m.7 views

SUSE CVE-2026-33215

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and Messages can by hijacked via MQTT Client ID malfeasance. Versions 2.11.15 and 2.12.5 patch the issu...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References3
Rows per page
Query Builder