Lucene search
K

39 matches found

NVD
NVD
added yesterday6 views

CVE-2026-54563

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, a Cloudreve WebDAV account rooted at a configured folder can send paths such as /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request suffix to the account root with...

7.1CVSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-54560

Cloudreve is a self-hosted file management and sharing system. From 4.12.0 until 4.16.1, Cloudreve's OAuth access tokens are issued without the OAuth clientid claim, so the JWT verifier does not load token scopes into request context and RequiredScopes treats the request like non-scoped session...

7.6CVSS
Exploits0References3
NVD
NVD
added yesterday6 views

CVE-2026-54562

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...

6.5CVSS
Exploits0References3
CVE
CVE
added yesterday8 views

CVE-2026-54560

CVE-2026-54560 affects Cloudreve prior to version 4.16.1, where OAuth access tokens could be issued without the OAuth client_id claim. The missing client_id causes the JWT verifier to not load token scopes into the request context, making RequiredScopes treat the request as unscoped session authe...

7.6CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44689

Cloudreve is a self-hosted file management and sharing system. From 4.12.0 until 4.16.1, Cloudreve's OAuth access tokens are issued without the OAuth clientid claim, so the JWT verifier does not load token scopes into request context and RequiredScopes treats the request like non-scoped session...

7.6CVSS6.1AI score
Exploits0References3
Cvelist
Cvelist
added yesterday12 views

CVE-2026-54560 Cloudreve: OAuth access tokens bypass scope enforcement due to missing client_id claim

Cloudreve is a self-hosted file management and sharing system. From 4.12.0 until 4.16.1, Cloudreve's OAuth access tokens are issued without the OAuth clientid claim, so the JWT verifier does not load token scopes into request context and RequiredScopes treats the request like non-scoped session...

7.6CVSS
Exploits0References3
CVE
CVE
added yesterday7 views

CVE-2026-54563

Cloudreve CVE-2026-54563 describes a path traversal / broken access control in the WebDAV interface under /dav. Before version 4.16.1, a WebDAV account rooted at a configured folder could send paths like /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request...

7.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-44688

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, a Cloudreve WebDAV account rooted at a configured folder can send paths such as /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request suffix to the account root with...

7.1CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday15 views

CVE-2026-54563 Cloudreve: Path Traversal / Broken Access Control in Cloudreve WebDAV (`/dav`) — scoped DAV credential escapes its configured account root

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, a Cloudreve WebDAV account rooted at a configured folder can send paths such as /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request suffix to the account root with...

7.1CVSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-54562

Cloudreve CVE-2026-54562 affects the self-hosted file management system. Prior to version 4.16.1, the remote download workflow at POST /api/v4/workflow/download passes user-supplied URLs to the downloader without blocking loopback/localhost/IPv6 localhost or redirect-to-loopback targets. This all...

6.5CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44687

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...

6.5CVSS6.2AI score
Exploits0References3
Cvelist
Cvelist
added yesterday13 views

CVE-2026-54562 Cloudreve: Non-admin remote download users can SSRF loopback/internal services and read imported responses

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...

6.5CVSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/06 5:0 p.m.4 views

CVE-2026-25726

Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now.UnixNano to generate critical security secrets, including the secretkey, and hashidsalt. These secrets are generated...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References1
NVD
NVD
added 2026/04/03 8:16 p.m.6 views

CVE-2026-25726

Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now.UnixNano to generate critical security secrets, including the secretkey, and hashidsalt. These secrets are generated...

9.8CVSS0.00376EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 8:6 p.m.2 views

CVE-2026-25726 Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)

Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now.UnixNano to generate critical security secrets, including the secretkey, and hashidsalt. These secrets are generated...

8.1CVSS5.8AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 8:6 p.m.5 views

CVE-2026-25726 Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)

Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now.UnixNano to generate critical security secrets, including the secretkey, and hashidsalt. These secrets are generated...

8.1CVSS5.9AI score0.00376EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/03 8:6 p.m.30 views

CVE-2026-25726 Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)

Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now.UnixNano to generate critical security secrets, including the secretkey, and hashidsalt. These secrets are generated...

8.1CVSS0.00376EPSS
Exploits0References2
CVE
CVE
added 2026/04/03 8:6 p.m.36 views

CVE-2026-25726

CVE-2026-25726 (Cloudreve) : Prior to 4.13.0, Cloudreve uses the weak Go PRNG math/rand seeded with time.Now().UnixNano() to generate critical secrets (secret_key, hash_id_salt) stored in the DB. An attacker can fetch the administrator account creation time via public APIs, brute-force the PRNG s...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Cloudreve 安全特征问题漏洞

Cloudreve is an open-source public cloud file system that supports multiple cloud storage drivers. Versions of Cloudreve prior to 4.13.0 have a security feature vulnerability. This vulnerability stems from the use of a weak pseudo-random number generator for generating security keys, which may le...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/31 10:31 p.m.3 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2
Rows per page
Query Builder