Lucene search
+L

32 matches found

OSV
OSV
added 3 days ago3 views

CVE-2026-52839 Easy!Appointments appointments/store and appointments/update allow cross-provider appointment injection — Authorization Bypass

Easy!Appointments is a self hosted appointment scheduler. Versions prior to 1.6.0 correctly filter provider-scoped appointments in the appointments/search response, proving that provider isolation is an intended security boundary. However, the direct mutation endpoints appointments/store and...

3.3CVSS6.1AI score0.00146EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago26 views

CVE-2026-52839 Easy!Appointments appointments/store and appointments/update allow cross-provider appointment injection — Authorization Bypass

Easy!Appointments is a self hosted appointment scheduler. Versions prior to 1.6.0 correctly filter provider-scoped appointments in the appointments/search response, proving that provider isolation is an intended security boundary. However, the direct mutation endpoints appointments/store and...

3.3CVSS0.00146EPSS
Exploits0References2
CVE
CVE
added 3 days ago10 views

CVE-2026-52839

Easy!Appointments versions before 1.6.0 allow cross-provider appointment injection via unauthorized use of the store and update endpoints. The vulnerability arises because store/update do not verify that id_users_provider belongs to the current session, enabling a provider to add or reassign appo...

3.3CVSS6.1AI score0.00146EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-43570

OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in Discord guild actions that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to skip cross-provider requester...

8.1CVSS6.2AI score0.00233EPSS
Exploits0References3
NVD
NVD
added 4 days ago6 views

CVE-2026-62192

OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in Discord guild actions that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to skip cross-provider requester...

8.1CVSS0.00233EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 6:26 p.m.5 views

GO-2026-5083 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services in github.com/traefik/traefik

Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services in github.com/traefik/traefik...

7.1CVSS5.8AI score0.00318EPSS
Exploits2References3
NVD
NVD
added 2026/06/23 8:16 p.m.8 views

CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

7.1CVSS0.00318EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:15 p.m.4 views

CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6CVSS5.9AI score0.00318EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2026/06/23 7:15 p.m.2 views

CVE-2026-54761 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6CVSS6AI score0.00318EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/06/23 7:15 p.m.37 views

CVE-2026-54761 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6CVSS0.00318EPSS
Exploits2References3
CVE
CVE
added 2026/06/23 7:15 p.m.51 views

CVE-2026-54761

Traefik vulnerability CVE-2026-54761 affects the Kubernetes Gateway provider: prior to 3.6.21 and 3.7.5, the crossProviderNamespaces allowlist is checked against backendRef.namespace instead of the HTTPRoute’s own namespace, enabling an attacker in a non-allowlisted namespace to reference interna...

7.1CVSS5.9AI score0.00318EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2026/06/17 11:17 p.m.17 views

CVE-2026-50202

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Security.Authentication.CloudFoundryBase prior to version 3.4.0, Steeltoe.Security.Authentication.JwtBearer prior to version 4.2.0, and...

5.9CVSS0.0029EPSS
Exploits0References3
OSV
OSV
added 2026/06/17 9:53 p.m.2 views

CVE-2026-50202 Steeltoe's static JWKS cache shared across schemes and never invalidated

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Security.Authentication.CloudFoundryBase prior to version 3.4.0, Steeltoe.Security.Authentication.JwtBearer prior to version 4.2.0, and...

5.9CVSS6AI score0.0029EPSS
Exploits0References5
OSV
OSV
added 2026/06/17 2:1 p.m.8 views

GHSA-3G6V-2R68-PRFC Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Summary There is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlist against the target backendRef.namespace instead of the route's own...

6CVSS5.2AI score0.00318EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2026/06/17 2:1 p.m.14 views

Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Summary There is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlist against the target backendRef.namespace instead of the route's own...

7.1CVSS5.2AI score0.00318EPSS
Exploits2References4Affected Software3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.13 views

PT-2026-50495

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 3.6.21 Traefik versions prior to 3.7.5 Description An issue exists in the Kubernetes Gateway provider regarding the crossProviderNamespaces allowlist. When HTTPRoute rules declare multiple backendRefs Weighted Round...

7.1CVSS5.9AI score0.00318EPSS
Exploits2References17
RedhatCVE
RedhatCVE
added 2026/06/02 10:3 p.m.15 views

CVE-2026-9093

In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML assertions. The buildSp function in object/samlsp.go never sets AudienceURI on the gosaml2 SAMLServiceProvider struct and never inspects...

9.8CVSS5.8AI score0.00365EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 8:16 p.m.18 views

CVE-2026-41577

authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor ResponseProcessor.parse does not validate the Conditions element on assertions. NotBefore, NotOnOrAfter, and AudienceRestriction are all ignored. This allows replay of expir...

7.5CVSS0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.13 views

authentik 数据伪造问题漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik before 2025.12.5 and 2026.2.3 had a data manipulation vulnerability. This vulnerability stemmed from the SAML response processor not verifying the Conditions element in assertions, which...

7.5CVSS5.3AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 6:30 p.m.3 views

GHSA-3W4H-G9F5-J84P Casdoor does not validate the AudienceRestriction element in SAML assertions

In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML assertions. The buildSp function in object/samlsp.go never sets AudienceURI on the gosaml2 SAMLServiceProvider struct and never inspects...

9.8CVSS5.8AI score0.00365EPSS
Exploits0References3
Rows per page
Query Builder