1842 matches found
CVE-2026-54673
The CVE affects electron-updater (builder-util-runtime component) prior to version 9.7.0. The root cause is that HttpExecutor.prepareRedirectUrlOptions only stripped a credential header named exactly the lowercase string “authorization.” Other credential-bearing headers, notably PRIVATE-TOKEN and...
CVE-2026-56277
Flowise (pre-3.1.2) exposes a security flaw in its text-to-speech (TTS) endpoint. The endpoint at packages/server/src/controllers/text-to-speech/index.ts sets Access-Control-Allow-Origin to a hardcoded wildcard (*), bypassing the server’s configured CORS policy and enabling cross-origin requests ...
EUVD-2026-40405
IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges flow author role can bypass SSRF protections by enabling the followredirects parameter and supplying a...
CVE-2026-7874 Weak Cryptographic Key Derivation Exposed All Stored Credentials
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all stored credentials due to the use of a weak and reversible key derivation mechanism for encryption at rest...
CVE-2026-58375
JimuReport up to version 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication. The handler is annotated @JimuNoLoginRequired, allowing JimuReportTokenInterceptor to skip auth, and the export service streams the rendered report for any supplied report id without verifying t...
CVE-2026-58167 Nightingale < 9.0.0-beta.2 - Datasource Credential Disclosure to Low-Privilege Users
Nightingale n9e before 9.0.0-beta.2 exposes full datasource configurations, including plaintext database passwords, HTTP bearer tokens, HTTP basic-auth passwords, and mTLS client keys, to any authenticated low-privilege Standard role user through POST /api/n9e/datasource/list. The route is...
CVE-2026-53692
CVE-2026-53692 affects Redeight CMS v1.0. The root cause is storing passwords with MD5 without a salt, a cryptographically broken hash, allowing attackers who obtain password hashes to reverse them via rainbow tables and expose plaintext credentials. The Connected CVE records confirm this in Rede...
CVE-2026-56783
Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including...
CVE-2026-56783
Parseable
Glances - Information Disclosure
Glances 4.5.1 contains an information disclosure vulnerability caused by unfiltered exposure of sensitive configuration data via the /api/4/config REST API endpoint, letting remote attackers access credentials, exploit requires API access. id: CVE-2026-30928 info: name: Glances - Information...
Glances - Information Disclosure
Glances 4.5.2 contains an information disclosure vulnerability caused by the web server running without authentication by default, letting remote attackers access sensitive system information including credentials, exploit requires no special privileges. id: CVE-2026-32596 info: name: Glances -...
Electrolink FM/DAB/TV Transmitter - Credentials Disclosure
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext. id: CVE-2025-28228 info: name: Electrolink FM/DAB/TV Transmitter - Credentials Disclosure...
D-Link DIR-859 - Information Disclosure
A critical information disclosure vulnerability exists in D-Link devices where sensitive device account information including credentials can be retrieved by sending an unauthenticated request to /getcfg.php endpoint with the parameter SERVICES=DEVICE.ACCOUNT. This could allow attackers to obtain...
pnpm binds unscoped user-level npm auth credentials to a repository-selected registry
Summary pnpm can send user-level unscoped npm authentication credentials to a registry chosen by a repository-local .npmrc file. In the reproduced case, the user's npm config contains a default registry and an unscoped authToken. The repository does not provide a token-bearing auth line. It only...
CVE-2026-55188
RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, RustFS contains an authorization bypass in the bucket replication admin API. The ListRemoteTargetHandler handler for listing remote replication targets only checks whether request credentials exist...
CVE-2026-55188 RustFS: ListRemoteTargetHandler authorization bypass leaks replication target credentials
RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, RustFS contains an authorization bypass in the bucket replication admin API. The ListRemoteTargetHandler handler for listing remote replication targets only checks whether request credentials exist...
EUVD-2026-37512
pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses incomplete fix of CVE-2026-46678...
CVE-2026-45407
Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKUROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...
GHSA-PR7J-96CJ-549H Fluentd is Vulnerable to Exposure of Sensitive Information via Monitor Agent API
Fluentd's Monitor Agent plugin inmonitoragent exposes internal metrics and plugin information via a REST API. It was discovered that the API response /api/plugins.json and related endpoints unintentionally includes internal instance variables of loaded plugins. If any plugins store sensitive...
EUVD-2026-39802
Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKUROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...