29 matches found
CVE-2026-47381
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a user in one workspace could exercise another workspace's integration through the testConnection endpoint by supplying its ID, because the integration was fetched in a bypass scope and the caller's permission check...
CVE-2026-42463
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR Insecure Direct Object Reference and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema...
praisonai-platform: Agent endpoints accept any agent_id without workspace ownership check, cross-workspace read/update/delete IDOR
Summary Type: Insecure Direct Object Reference. The agent CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/agents/agentid gate access on requireworkspacememberworkspaceid only, then resolve agentid through AgentService.getagentid which is a primary-key lookup with no workspace...
PT-2026-47087
Summary Type: Insecure Direct Object Reference. The agent CRUD endpoints GET / PATCH / DELETE /workspaces/workspace id/agents/agent id gate access on require workspace memberworkspace id only, then resolve agent id through AgentService.getagent id which is a primary-key lookup with no workspace...
praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check, cross-workspace read/update/delete IDOR
Summary Type: Insecure Direct Object Reference. The issue CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/issues/issueid gate access on requireworkspacememberworkspaceid only, then resolve issueid through IssueService.getissueid which is a primary-key lookup with no workspace...
GHSA-XWQ8-FRCG-77Q8 praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check, cross-workspace read/update/delete IDOR
Summary Type: Insecure Direct Object Reference. The issue CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/issues/issueid gate access on requireworkspacememberworkspaceid only, then resolve issueid through IssueService.getissueid which is a primary-key lookup with no workspace...
praisonai-platform: Comment endpoints accept any issue_id without workspace ownership check, cross-workspace comment read and post IDOR
Summary Type: Insecure Direct Object Reference. The comment endpoints POST /workspaces/workspaceid/issues/issueid/comments and GET .../comments gate access on requireworkspacememberworkspaceid only, then call CommentService.createissueid=issueid, ... and CommentService.listforissueissueid without...
GHSA-943M-6WX2-RC2J praisonai-platform: Project endpoints accept any project_id without workspace ownership check, cross-workspace read/update/delete IDOR
Summary Type: Insecure Direct Object Reference. The project CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/projects/projectid and GET .../projectid/stats gate access on requireworkspacememberworkspaceid only, then resolve projectid through ProjectService.getprojectid / updateprojecti...
PT-2026-45489
Summary Type: Insecure Direct Object Reference. The project CRUD endpoints GET / PATCH / DELETE /workspaces/workspace id/projects/project id and GET .../project id/stats gate access on require workspace memberworkspace id only, then resolve project id through ProjectService.getproject id /...
PT-2026-45488
Summary Type: Insecure Direct Object Reference. The comment endpoints POST /workspaces/workspace id/issues/issue id/comments and GET .../comments gate access on require workspace memberworkspace id only, then call CommentService.createissue id=issue id, ... and CommentService.list for issueissue ...
PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID
Summary PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one workspace to access, modify, and delete objects belonging to another workspace by supplying the victim object's global UUID. The affected pattern...
GHSA-6H6V-6M7W-7VXX PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID
Summary PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one workspace to access, modify, and delete objects belonging to another workspace by supplying the victim object's global UUID. The affected pattern...
GHSA-H8Q5-CP56-RR65 PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
Summary The Platform server exposes resources under /api/v1/workspaces/workspaceid/... and protects them with a requireworkspacememberworkspaceid FastAPI dependency. The dependency only checks that the caller is a member of the workspaceid in the URL prefix. The route handlers then look up the...
praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership
Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...
GHSA-27P4-PJQV-WHGJ praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership
Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...
PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
Summary The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs global primary-key lookups without checking workspace ownership, so any authenticated user can read, modify, and delete resources in any...
GHSA-GV23-XRM3-8C62 PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
Summary The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs global primary-key lookups without checking workspace ownership, so any authenticated user can read, modify, and delete resources in any...
PT-2026-45068
Summary The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs global primary-key lookups without checking workspace ownership, so any authenticated user can read, modify, and delete resources in any...
Incorrect Authorization
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Incorrect Authorization through the getChatflowByApiKey handler in the chatflow API and the getChatflowByApiKey query in the chatflow service. An attacker can retrieve chatflows from other workspaces by...
GHSA-C2C9-MFW7-P8HW Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows
Summary The /api/v1/chatflows/apikey/:apikey endpoint whitelisted, accessible with API key auth only returns all chatflows bound to the provided API key AND all chatflows across the entire system that have no API key assigned. This crosses workspace boundaries, allowing a user in Workspace A who...