Missing Authorization

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Missing Authorization in the /mlflow-artifacts/mpu/ endpoints in...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in jsPDF (CVE-2026-24040, CVE-2026-24043, CVE-2026-24133, CVE-2026-24737)

Summary Multiple vulnerabilities in the jsPDF library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 4.0.0. Vulnerability Details CVEID:CVE-2026-24040 DESCRIPTION: jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS...

GHSA-HGV7-V322-MMGR @sveltejs/kit: `query.batch` cross-talk

query.batch could, under very rare and specific timings, cause concurrent requests from different users to merge and resolve under single request context, enabling cross-user data disclosure...

Incorrect Synchronization

Overview @sveltejs/kit is a SvelteKit framework and CLI Affected versions of this package are vulnerable to Incorrect Synchronization via the query.batch function. An attacker can access data belonging to other users by exploiting a race condition that causes concurrent requests from different...

DEBIAN-CVE-2026-32814

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

CVE-2026-44457

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be...

CVE-2026-7813 pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

CVE-2026-7813 pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

PT-2026-39327

Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.18 Description Cache Middleware fails to skip caching for responses that declare per-user variance using the Vary: Authorization or Vary: Cookie headers. While the middleware correctly skips caching for Vary: ,...

CVE-2026-33872

CVE-2026-33872 affects elixir-nodejs prior to 3.1.4. A race condition in the worker protocol enables Cross-User Data Leakage due to lack of request–response correlation, potentially returning data intended for a different user in high‑throughput/ concurrent scenarios. The vulnerability can disclo...

CVE-2026-33872 elixir-nodejs has Cross-User Data Leakage or Information Disclosure due to Worker Protocol Race Condition

elixir-nodejs provides an Elixir API for calling Node.js functions. A vulnerability in versions prior to 3.1.4 results in Cross-User Data Leakage or Information Disclosure due to a race condition in the worker protocol. The lack of request-response correlation creates a "stale response"...

CVE-2025-13478 Cache Misconfiguration Leading to Cross-User Data Exposure

Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2v4.10.1...

CVE-2025-13478

CVE-2025-13478 affects OpenText Identity Manager on Windows and Linux (Identity Manager: 25.2 v4.10.1). The issue is a cache misconfiguration where insecure application cache handling allows remote authenticated users to obtain another user’s session data. Impact per available docs: potential exp...

CVE-2026-0025

In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0025

In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0025

In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-27792 Seerr missing authentication on pushSubscription endpoints

Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. A missing authorization vulnerability has been identified in the application starting in version 2.7.0 and prior to version 3.1.0. It allows authenticated users to access and modify data belonging to other...

CVE-2026-24894

FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration via the frankenphpresetsuperglobals reset logic. An attacker can access sensitive session data belonging to other users by sending a request to a worker before sessionstart is called. note: This is only...