Lucene search
K

4 matches found

Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-59253 n8n - Improper Authorization in Workflow Assignment to Folders

n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical...

5.3CVSS0.00166EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/26 4:23 p.m.45 views

CVE-2026-47716 Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, In affected versions, the issue list view authorizes access through the project in the URL, but applies the requested bulk action to the submitted issue IDs without also requiring those issues to belong to that project. This...

3.1CVSS0.00147EPSS
Exploits0References2
OSV
OSV
added 2025/10/29 7:15 a.m.9 views

UBUNTU-CVE-2025-11702

GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker with specific permissions to hijack project runners from other projects...

8.8CVSS7.3AI score0.00572EPSS
Exploits0References2
OSV
OSV
added 2025/10/29 7:4 a.m.3 views

CVE-2025-11702 Missing Authorization in GitLab

GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker with specific permissions to hijack project runners from other projects...

8.5CVSS9AI score0.00572EPSS
Exploits0References6
Rows per page
Query Builder