Lucene search
K

5 matches found

EUVD
EUVD
added 2026/06/29 5:16 p.m.11 views

EUVD-2026-40158

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS5.8AI score0.03016EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:16 p.m.5 views

CVE-2026-56782

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS5.8AI score0.03016EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/06/29 5:16 p.m.33 views

CVE-2026-56782 Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when adminapikey is empty, which is the default configuration. Remote attackers can exfiltrate the entire databas...

9.8CVSS0.03016EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2026/02/24 3:30 p.m.10 views

Apache Superset Improper Authorization allows low-privileged users to bypass access controls

An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...

7.1CVSS5.8AI score0.00436EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/02/24 2:16 p.m.6 views

CVE-2026-23982

An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...

7.1CVSS0.00436EPSS
Exploits0References2
Rows per page
Query Builder