131 matches found
Langflow - Broken Access Control
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories...
CVE-2026-56246
Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key limitedtoorgs inherits its owner-user's permissions, allowing destructive cross-organization actions. When a user is an admin in two organizations and creates a write-mod...
CVE-2026-56246 Capgo - Cross-Organization Authorization Bypass via Scoped API Key Privilege Inheritance
Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key limitedtoorgs inherits its owner-user's permissions, allowing destructive cross-organization actions. When a user is an admin in two organizations and creates a write-mod...
EUVD-2026-42249
Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key limitedtoorgs inherits its owner-user's permissions, allowing destructive cross-organization actions. When a user is an admin in two organizations and creates a write-mod...
CVE-2026-56246
Capgo prior to 12.128.2 contains a broken access control in the organization management API. A scoped API key (limited_to_orgs) inherits its owner-user’s permissions, enabling cross‑organization destructive actions (e.g., DELETE /organization, DELETE /organization/members) when an admin belongs t...
CVE-2026-10552
The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or incorrect nonce validation on the main admin panel blcapmainpage and on the Hall of Shame and Log subpages, which accept a 'blcapaction' / 'action'...
CVE-2026-47343
Technical details are not publicly available in the provided documents. Monitor TYPO3 security advisories for updates. The CVE describes unauthorized write actions on file mount folders across several TYPO3 CMS versions, with no publicly disclosed exploitation specifics.
CVE-2026-47343 TYPO3 CMS - Destructive Actions on File Mount Folders
Non-privileged backend users with file mount access were able to perform write operations move, delete, rename on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0...
CVE-2026-47343 TYPO3 CMS - Destructive Actions on File Mount Folders
Non-privileged backend users with file mount access were able to perform write operations move, delete, rename on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0...
📄 phpVMS 7.0.5 Unauthenticated Import Endpoint Bypass
Proof of concept targeting phpVMS versions 7.0.5 and below. It scans multiple importer-related endpoints, attempts POST-based actions that simulate or trigger destructive operations such as import, delete, and database wipe behaviors, and classifies a target as vulnerable based on HTTP responses...
MAL-2026-5320 Malicious code in openai-mcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c30f8b1a160c72529e2671b81be13ea671302e9bc3915ee84bd2212e0fdd5a3 The package name and module structure impersonate the official openai Python SDK the package even rewrites exported classes' module attribute to...
Malicious code in tlask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae87e0c65760999b8ff4e28d11505b15a71a1a46dd8d761122e3d9d8e2cd85b6 The package is published as 'tlask', a single-character edit of the widely used 'flask' package on PyPI. Metadata and module contents are copied...
MAL-2026-5305 Malicious code in tlask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae87e0c65760999b8ff4e28d11505b15a71a1a46dd8d761122e3d9d8e2cd85b6 The package is published as 'tlask', a single-character edit of the widely used 'flask' package on PyPI. Metadata and module contents are copied...
Malicious code in rlask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89a034f9ba4356799034d728884eccecf5c53779d85280556419cda38e671a30 The package name 'rlask' is a single-character edit of the popular 'flask' package. METADATA declares 'Maintainer-email: Pallets ', and entrypoints.t...
MAL-2026-5304 Malicious code in rsquests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2041887c315474d0722cbf717e189ec1260e209c5f00da5ca3a52a60c6aebb2 The package name rsquests is a single-character insertion typo of the top-100 PyPI package requests. Package metadata and source are a verbatim copy ...
Malicious code in rsquests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2041887c315474d0722cbf717e189ec1260e209c5f00da5ca3a52a60c6aebb2 The package name rsquests is a single-character insertion typo of the top-100 PyPI package requests. Package metadata and source are a verbatim copy ...
MAL-2026-5302 Malicious code in nhmpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34db1950ee9bdf9c75ae9bb2436085bbb443107321d8d7056a0bf3b8fae36978 The package is published as 'nhmpy' on PyPI but its contents are a verbatim copy of NumPy 2.4.6: the same source tree, docstrings, and license files...
Malicious code in pyphetools (PyPI)
The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...
Malicious code in phenopacket-store-toolkit (PyPI)
The package phenopacket-store-toolkit version 0.1.7 contains a malicious .pth file phenopacketstoretoolkit-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release...
Malicious code in uprobe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82230ac4ef4464e9696491bf25cfabbd5cff78ab2256f4aa1a0d5ad7456218a8 The package installs uprobe-setup.pth, which Python auto-loads at every interpreter startup in any environment where the wheel is present. The.pth...