CVE-2026-54322

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organization role update and delete endpoints authorized the caller as an owner of the organization named in the request path, but resolved and mutated the targe...

CVE-2026-32816

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the delete, activate, and deactivate modes in modules/groups-roles/groupsroles.php perform destructive state changes on organizational roles but never validate an anti-CSRF token. The client-side UI passes a CSRF...

LinkedIn: Blocking a company page admin prevents him from delete paid media admin or edit his roles

A company page admin was prevented from managing deleting or editing roles of a paid media admin when the paid media admin blocked the company page admin. This created an access control vulnerability where administrative privileges were circumvented through the platform's social blocking feature...

openGauss: Unknown Roles

Check the purpose of each unknown role in the query and delete unnecessary Roles. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...