Lucene search

5 matches found

Snyk
added 2026/03/11 12:16 a.m., 3 views

Authorization Bypass Through User-Controlled Key

Overview: @withstudiocms/api-spec is an API Specification for StudioCMS. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the DELETE /studiocmsapi/dashboard/api-tokens endpoint. An attacker can revoke API tokens belonging to other users,...

7.1 CVSS, 5.9 AI score, 0.00452 EPSS
Exploits: 2, References: 2
CNNVD
added 2026/03/10 12:0 a.m., 5 views

StudioCMS Security Vulnerability

StudioCMS is an open source content management system. A denial of service vulnerability exists in StudioCMS. The vulnerability stems from insufficient validation in the DELETE /studiocmsapi/dashboard/api-tokens endpoint, which can be exploited by an attacker to cause a denial of service...

7.1 CVSS, 5.8 AI score, 0.00452 EPSS
Exploits: 2, References: 3
RedhatCVE
added 2026/03/04 1:56 a.m., 4 views

CVE-2026-28361

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in...

7.1 CVSS, 5.8 AI score, 0.0016 EPSS
Exploits: 0, References: 1
OSV
added 2026/03/02 7:53 p.m., 2 views

GHSA-P9X3-W98F-7J3Q: NocoDB Missing Ownership Validation in MCP Token Operations

Summary: The MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. Details: McpTokenService.get, regenerateToken, and delete did not filter by fkuserid. The analogous...

7.1 CVSS, 5.9 AI score, 0.0016 EPSS
Exploits: 0, References: 4
CNNVD
added 2021/08/25 12:0 a.m., 3 views

GitLab Security Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery), and other features. A security vulnerability exists in GitLab CE/EE that stems from improper...

5.5 CVSS, 5.8 AI score, 0.0083 EPSS
Exploits: 0, References: 3