703 matches found
EUVD-2026-41942
Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...
EUVD-2026-41753
An unauthenticated improper input validation vulnerability in the POST /fetchcvedata endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections...
PT-2026-55794
Name of the Vulnerable Software and Affected Versions cve-search affected versions not specified Description An unauthenticated improper input validation issue exists in the 'POST /fetch cve data' endpoint. A remote attacker can manipulate request parameters that control the MongoDB collection,...
CVE-2026-53632
A flaw was found in launch-editor. This component, used in Node.js to open files, can be tricked into accessing arbitrary paths, including Windows Universal Naming Convention UNC paths. When a malicious UNC path is opened, Windows automatically attempts NTLM authentication to a remote server...
EUVD-2026-39646
A vulnerability exists in the netclient and factory services of Reolink Home Hub versions prior to v3.3.0.45626031911 due to the possibility of brute-force cracking the credentials. This issue could allow attackers on the same local network to intercept traffic between the Hub and associated...
CVE-2026-56272
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-56272
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
EUVD-2026-38748
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-56272 Flowise - Insufficient Password Salt Rounds in Bcrypt Hashing
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
launch-editor: NTLMv2 hash disclosure via UNC path handling on Windows
Summary The launch-editor NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled SMB server. This can result ...
GHSA-V6WH-96G9-6WX3 launch-editor: NTLMv2 hash disclosure via UNC path handling on Windows
Summary The launch-editor NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled SMB server. This can result ...
PT-2026-49575
Name of the Vulnerable Software and Affected Versions launch-editor versions prior to 2.14.1 Description The launch-editor NPM package allows the access of arbitrary paths, including Windows UNC Universal Naming Convention paths. On Windows systems, accessing a UNC path triggers an automatic NTLM...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
Information Security Fundamentals — Spring 2026 Project Tot...
Siemens SINEC INS 安全漏洞
Siemens SINEC INS is a software developed by Siemens, a German company, that provides central services for network infrastructure. Versions of Siemens SINEC INS prior to SINEC INS V1.0 SP2 Update 6 contained security vulnerabilities. These vulnerabilities stemmed from the use of static, hard-code...
CVE-2026-39908 OpenBullet2 0.3.2 NTLMv2 Hash Disclosure via UNC Path Proxy Source
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
CVE-2026-39908
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
EUVD-2026-35133
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
robot
Good all day, my friends, I finally finished the first versio...
cyber-pentools
🔥 Cyber Pentools — All-in-One Penetration Testing Toolkit 2...
Kali-setup
🛠️ kali-setup A single bash script that pulls in the 20 most-...