CVE-2026-31956

CVE-2026-31956 affects Xibo CMS prior to 4.4.1. An authenticated user can manually construct URLs to preview campaigns/regions and export saved reports belonging to other users due to an IDOR issue triggered by disableUserCheck without proper controller-level authorization. Impact is limited to u...

CVE-2026-5412

In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the CloudSpec API method to extract the cloud credentials used to bootstrap the controller. This allows a low-privileged user to access sensitive credentials. This...

EUVD-2025-20674

Malicious code in bioql PyPI...

EUVD-2025-20670

Malicious code in bioql PyPI...

Intel Baseboard Management Controller Authorization Issue Vulnerability (CNVD-2020-12702)

The Intel Baseboard Management Controller BMC is a baseboard management controller from Intel Corporation USA. An authorization issue vulnerability exists in Intel BMC, which can be exploited by a local attacker to disclose information and/or cause a denial of service...

Design/Logic Flaw

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers...

Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers...