24 matches found
CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5302
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
SUSE CVE-2026-5208
Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...
SUSE CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
SUSE CVE-2026-5302
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
EUVD-2026-20461
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
EUVD-2026-20457
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5302
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
EUVD-2026-20455
Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...
CVE-2026-5208
Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...
CVE-2026-5302
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
CVE-2026-5302 Permissive Cross-domain Policy with Untrusted Domains in coolercontrold
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
CVE-2026-5302 Permissive Cross-domain Policy with Untrusted Domains in coolercontrold
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
CVE-2026-5302
CVE-2026-5302 describes a CORS misconfiguration in CoolerControl/coolercontrold prior to 4.0.0. The root issue is permissive cross-origin access, allowing unauthenticated remote attackers to read data and send commands through malicious websites. Affected software: CoolerControl/coolercontrold ve...
CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300
CVE-2026-5300 affects CoolerControl/coolercontrold prior to version 4.0.0, where unauthenticated users can view and modify potentially sensitive data via HTTP requests. The issue impacts both confidentiality and integrity (CVSS v3.1 base scores: 9.1/CRITICAL under NVD, with NETWORK attack vector ...
CVE-2026-5208 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in coolercontrold
Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...