Lucene search
+L

707 matches found

CVE
CVE
added yesterday32 views

CVE-2026-48016

Summary of findings (CVE-2026-48016) : The vulnerability in Shopware Store API allows an external Store API user, including guests, to trigger payments for another user’s order by supplying a foreign orderId to the endpoint /store-api/handle-payment. The root cause is that payment initiation/proc...

4.3CVSS5.3AI score0.0005EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-45006

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an ESEARCH cross-user content oracle. By using the ESEARCH command, an authenticated IMAP user could enumerate folder names under any account they could name. Search would return UIDs of messages matching the search,...

4.3CVSS6.2AI score0.00183EPSS
Exploits0References3
NVD
NVD
added 2 days ago7 views

CVE-2026-47083

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an ESEARCH cross-user content oracle. By using the ESEARCH command, an authenticated IMAP user could enumerate folder names under any account they could name. Search would return UIDs of messages matching the search,...

4.3CVSS0.00183EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago11 views

ViewComponent: Reused Component Instances Retain Stale Render Context

Reused Component Instances Retain Stale Render Context Summary ViewComponent::Base instances retain multiple render-scoped objects across calls to renderin. If the same component, collection, or spacer component instance is reused across requests, users, tenants, or threads, later renders can use...

6.8CVSS6.1AI score
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-60388

Name of the Vulnerable Software and Affected Versions view component versions 4.0.0 through 4.11.0 Description ViewComponent::Base instances retain render-scoped objects across calls to the render in function. If the same component, collection, or spacer component instance is reused across...

6.8CVSS5.3AI score
Exploits0References9
OSV
OSV
added 2026/07/10 9:16 p.m.4 views

UBUNTU-CVE-2026-57214

RabbitMQ is a messaging and streaming broker. Prior to 4.2.5, the RabbitMQ management UI renders the x-internal-purpose queue or exchange argument into an HTML title attribute without proper escaping on the Queues and Exchanges pages, allowing a user with permission to declare a queue or exchange...

7.1CVSS6.2AI score0.00219EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/10 8:42 p.m.31 views

CVE-2026-55880 OpenReplay: Cross-user IDOR in notes and dashboard widgets

OpenReplay is a self-hosted session replay suite. In 1.27.0 and earlier, three dashboard and note mutation functions ran their SQL without the ownership predicate that their sibling read and edit functions use: notes.delete filtered only on note id and project id, while dashboards.updatewidget an...

7.1CVSS0.00195EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 8:42 p.m.9 views

CVE-2026-55880

OpenReplay CVE-2026-55880 affects OpenReplay self-hosted session replay (versions 1.27.0 and earlier). The root cause is that three mutation operations—notes.delete, dashboards.update_widget, and dashboards.remove_widget—executed SQL without the ownership predicate used by their read/edit sibling...

7.1CVSS6.1AI score0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/07/10 8:42 p.m.3 views

CVE-2026-55880 OpenReplay: Cross-user IDOR in notes and dashboard widgets

OpenReplay is a self-hosted session replay suite. In 1.27.0 and earlier, three dashboard and note mutation functions ran their SQL without the ownership predicate that their sibling read and edit functions use: notes.delete filtered only on note id and project id, while dashboards.updatewidget an...

7.1CVSS6.1AI score0.00195EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/10 2:32 p.m.10 views

EUVD-2026-41129

API Platform Core vulnerable to cross-user attribute leak in JSON:API and HAL item normalizers due to missing isCacheKeySafe gate...

5.9CVSS6.1AI score0.00197EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 4:17 a.m.8 views

CVE-2026-5069

The Fluent Forms plugin for WordPress is vulnerable to incorrect authorization via the 'subscriptionid' parameter in versions up to, and including, 6.2.1. This is due to insufficient ownership authorization checks in the payment cancellation AJAX flow. This makes it possible for authenticated...

5.4CVSS0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/09 4:55 p.m.32 views

CVE-2026-59213 Open WebUI: Cross-user model-list exposure via static cache key in get_all_models (aiocache key= vs key_builder= misuse)

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, getallmodels handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of keybuilder, causing permission-filtered per-user model lists to share a stat...

3.5CVSS0.00273EPSS
Exploits1References4
CVE
CVE
added 2026/07/09 4:55 p.m.12 views

CVE-2026-59213

Open WebUI (self-hosted AI platform) is affected in versions 0.6.27–0.10.0 by a bug in get_all_models handlers (routers/openai.py and routers/ollama.py) where a lambda was passed to aiocache key instead of key_builder. This caused permission-filtered per-user model lists to share a static cache e...

5CVSS6AI score0.00273EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/07/09 4:48 p.m.11 views

CVE-2026-59216

Open WebUI prior to 0.10.0 is vulnerable to cross-user code execution via unvalidated Socket.IO event-caller session_id. The get_event_call path delivers execute:python and execute:tool events to a client-supplied session_id after only confirming the session is connected, enabling an attacker who...

9CVSS6AI score0.00308EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/07/09 4:48 p.m.32 views

CVE-2026-59216 Open WebUI: Cross-user code-interpreter and tool execution via unvalidated Socket.IO event-caller session_id

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, geteventcall delivered execute:python and execute:tool Socket.IO events to a client-supplied sessionid after checking only that the session was connected, allowing authenticated users who learne...

7.7CVSS0.00308EPSS
Exploits0References4
NVD
NVD
added 2026/07/07 9:17 p.m.8 views

CVE-2026-53729

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS0.00391EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 8:23 p.m.28 views

CVE-2026-53729 DataEase ExportCenter IDOR allows cross-user export task access

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS0.00391EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 8:23 p.m.9 views

CVE-2026-53729

DataEase (open source data visualization/analysis tool) contains an IDOR in the ExportCenter area. Before version 2.10.24, an authenticated user could manipulate the task ID to download, delete, retry, or generate download links for export tasks belonging to other users; additionally, the /export...

8.7CVSS5.9AI score0.00391EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 8:23 p.m.7 views

CVE-2026-53729 DataEase ExportCenter IDOR allows cross-user export task access

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS5.9AI score0.00391EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 4:3 p.m.9 views

PYSEC-2026-1803 pretix has Broken Access Control Allowing Cross-User File Access via UUID

Multiple API endpoints allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only...

7CVSS5.9AI score0.00226EPSS
Exploits0References6
Rows per page
Query Builder