Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 7:35 a.m.7 views

CVE-2026-34905 Apache Answer: Unlisted Questions Accessible via Direct API Access

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenticated users to discover and access unlisted...

5.4AI score0.00325EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 7:35 a.m.29 views

CVE-2026-34905

CVE-2026-34905 affects Apache Answer up to version 2.0.0. The issue arises from the unlisted question feature not enforcing access restrictions on direct API endpoints, permitting authenticated users to discover and access unlisted questions, their answers, comments, and revision history. Upgrade...

6.5CVSS5.4AI score0.00325EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/11/26 7:15 p.m.3 views

CVE-2025-65966

OneUptime is a solution for monitoring and managing online services. In version 9.0.5598, a low-permission user can create new accounts through a direct API request instead of being restricted to the intended interface. This issue has been patched in version 9.1.0...

8.8CVSS0.00269EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/29 9:32 a.m.11 views

CVE-2025-41090

microCLAUDIA in v3.2.0 and prior has an improper access control vulnerability. This flaw allows an authenticated user to perform unauthorized actions on other organizations' systems by sending direct API requests. To do so, the attacker can use organization identifiers obtained through a...

7.6CVSS6.8AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2025/04/22 9:15 a.m.3 views

CVE-2025-3518

It technically possible for a user to upload a file to a conversation despite the file upload functionality being disabled. The file upload functionality can be enabled or disabled for specific use cases through configuration. In case the functionality is disabled for at least one use case, the...

4.3CVSS5.7AI score0.00198EPSS
Exploits0References1
Rows per page
Query Builder