EUVD-2026-39774

Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass authorization checks. Attackers can read table schemas, create tables, and modify or delete records across bases and tables via endpoints like GET /api/v2/tables/get and POST...

CVE-2026-56773

CVE-2026-56773 concerns Teable’s v2 REST API controller, where missing @Permissions metadata on ORPC endpoints allows any authenticated user to bypass authorization checks. Attackers can read table schemas, create tables, and modify or delete records across bases/tables via endpoints like GET /ap...

CVE-2026-4119

The Create DB Tables plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 1.2.1. The plugin registers adminpost action hooks for creating tables adminpostaddtable and deleting tables adminpostdeletedbtable without implementing any capability checks via...

BIT-SCYLLADB-2023-33972 Privilege escalation from having CREATE access on a keyspace in Scylladb

Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that table. This issue...

CVE-2023-33972

Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that table. This issue...

CVE-2023-33972 Privilege escalation from having CREATE access on a keyspace in Scylladb

Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that table. This issue...

Oracle Database Server Database Filesystem component unauthorized access vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. An unauthorized access vulnerability exists in the Oracle Database Server Database...

Oracle ctxsys.drvxtabc.create_tables Evil Cursor Exploit

Exploit for unknown platform in category local exploits ======================================================== Oracle ctxsys.drvxtabc.createtables Evil Cursor Exploit ======================================================== Title: Oracle ctxsys.drvxtabc.createtables Evil Cursor Exploit CVE-ID:...