25 matches found
PT-2026-39271
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description The 'POST /api/v1/retrieval/process/web' endpoint accepts a user-supplied collection name and an overwrite query parameter, which defaults to True. The system fails to perform authorization checks...
Mezo: ERC-20 bridgeOut burn can be erased by a stale StateDB overwrite leading to full L1 bridge drain
Note: the fixed version of the validator client has been deployed for some time. Impact Potential full drain of L1 bridge without changing bridged balance on Mezo. Brief/Intro A malicious user can steal all ERC-20 tokens locked in the L1 bridge by repeatedly calling the bridgeOut precompile from ...
CVE-2026-35465
SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4 and below, a compromised SecureDrop Server can achieve code execution on the Client's virtual machine sd-app by exploiting improper...
CVE-2026-34976
Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config admin.go, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication,...
CVE-2026-34976 Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config admin.go, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication,...
CVE-2026-34976 Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config admin.go, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication,...
CVE-2026-34976
CVE-2026-34976 affects Dgraph prior to 25.3.1 where the restoreTenant admin mutation is missing from the authorization middleware, allowing an unauthenticated attacker to specify attacker-controlled backup locations (including file://), S3/MinIO credentials, encryption key paths, and Vault IDs. T...
Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
The restoreTenant admin mutation is missing from the authorization middleware config admin.go:499-522, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication, restoreTenant executes with zero middleware. This mutation accepts...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to missing restoreTenant from the adminMutationMWConfig. An attacker can overwrite the entire database, read arbitrary server-side files, and perform server-side request forgery by sending crafted requests to t...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to missing restoreTenant from the adminMutationMWConfig. An attacker can overwrite the entire database, read arbitrary server-side files, and perform server-side request forgery by sending crafted requests to t...
GHSA-P5RH-VMHP-GVCW Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
The restoreTenant admin mutation is missing from the authorization middleware config admin.go:499-522, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication, restoreTenant executes with zero middleware. This mutation accepts...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to missing restoreTenant from the adminMutationMWConfig. An attacker can overwrite the entire database, read arbitrary server-side files, and perform server-side request forgery by sending crafted requests to t...
PT-2026-29916
The restoreTenant admin mutation is missing from the authorization middleware config admin.go:499-522, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication, restoreTenant executes with zero middleware. This mutation accepts...
CVE-2025-55292
Meshtastic is an open source mesh networking solution. In the current Meshtastic architecture, a Node is identified by their NodeID, generated from the MAC address, rather than their public key. This aspect downgrades the security, specifically by abusing the HAM mode which doesn't use encryption...
CVE-2025-55292 In Meshtastic, an attacker can spoof licensed amateur flag for a node
Meshtastic is an open source mesh networking solution. In the current Meshtastic architecture, a Node is identified by their NodeID, generated from the MAC address, rather than their public key. This aspect downgrades the security, specifically by abusing the HAM mode which doesn't use encryption...
PT-2026-5035
Name of the Vulnerable Software and Affected Versions Meshtastic versions prior to 2.7.6.834c3c5 Description Meshtastic is a mesh networking solution where nodes are identified by their NodeID, derived from the MAC address, rather than their public key. This design flaw allows an attacker to forg...
EUVD-2012-2357
Malware in sbrugna...
EUVD-2006-7192
Malware in sbrugna...
CVE-2025-55293
Meshtastic (vulnerable before 2.6.3) allows crafting NodeInfo packets to overwrite a known node’s publicKey in NodeDB. Attack flow: first send NodeInfo with an empty publicKey to bypass size checks (clears existing key), then send a new key that gets stored. Root cause is improper handling of emp...
CVE-2024-45256
An arbitrary file write issue in the exfiltration endpoint in BYOB Build Your Own Botnet 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in fileadd in api/files/routes.py...