CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/12 8:16 p.m.•4 views

CVE-2026-42889

Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured, WebSocket connections without a token query parameter were incorrectly treated as having full...

9.1CVSS0.00053EPSS

Vulnrichment•added 2026/05/12 7:30 p.m.•4 views

CVE-2026-42889 Relay Server WebSocket authentication bypass when token is omitted

CVE•added 2026/05/12 7:30 p.m.•10 views

CVE-2026-42889

Summary (CVE-2026-42889): Relay Server (used with Obsidian) versions 0.9.0–0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured, WebSocket connections without a token query parameter were treated as having full server permissions, all...

OSV•added 2026/05/12 6:28 p.m.•3 views

MINI-4H23-67GQ-XPVW

Bulletin has no description...

7.5CVSS5.7AI score0.00018EPSS

OSV•added 2026/05/12 4:45 p.m.•1 views

MINI-3XGC-53CX-FF5F

Bulletin has no description...

8.2CVSS5.7AI score0.00013EPSS

OSV•added 2026/05/12 3:41 p.m.•5 views

MINI-3Q3M-F8VH-FCC8

Bulletin has no description...

5.3CVSS5.7AI score0.00021EPSS

Exploits1

Nextcloud•added 2026/05/12 9:7 a.m.•9 views

Logged-in user bypasses share password and download restrictions on Text attachments via documentId

None...

6.5CVSS5.8AI score0.00017EPSS

Exploits0References2Affected Software1

OSV•added 2026/05/12 3:49 a.m.•1 views

MINI-W737-RP7H-6X4Q

Bulletin has no description...

6.1CVSS5.7AI score0.00014EPSS

OSV•added 2026/05/12 3:49 a.m.•1 views

MINI-VW74-24FX-VMMF

Bulletin has no description...

5.9CVSS5.7AI score0.00006EPSS

OSV•added 2026/05/12 3:49 a.m.•2 views

MINI-V3QQ-HQPF-8V99

Bulletin has no description...

7.5CVSS5.7AI score0.00021EPSS

OSV•added 2026/05/12 3:49 a.m.•2 views

MINI-PQ2M-J5PR-C4QM

Bulletin has no description...

6.1CVSS5.7AI score0.00011EPSS

OSV•added 2026/05/12 3:48 a.m.•2 views

MINI-3673-3WXJ-CWPM

Bulletin has no description...

6.1CVSS5.7AI score0.00011EPSS

OSV•added 2026/05/12 3:48 a.m.•1 views

MINI-8HWM-VGV3-4957

Bulletin has no description...

7.5CVSS5.7AI score0.00058EPSS

OSV•added 2026/05/12 3:48 a.m.•2 views

MINI-86QW-WX92-PXJR

Bulletin has no description...

7.5CVSS5.7AI score0.00009EPSS

OSV•added 2026/05/12 3:45 a.m.•0 views

MINI-24J5-V4M9-MHVP

Bulletin has no description...

5.3CVSS5.7AI score0.0001EPSS

EUVD•added 2026/05/12 3:31 a.m.•7 views

EUVD-2026-29358

Reserved. Details will be published at disclosure...

5.8AI score0.00069EPSS

Exploits0References3

EUVD•added 2026/05/12 3:31 a.m.•4 views

EUVD-2026-29355

Reserved. Details will be published at disclosure...

5.8AI score0.00259EPSS

Exploits0References3

CNNVD•added 2026/05/12 12:0 a.m.•3 views

Relay Server 安全漏洞

Relay Server is an open-source system by System 3 that supports offline collaborative real-time document synchronization. There were security vulnerabilities in the Relay Server versions 0.9.0 to 0.9.6. These vulnerabilities stemmed from WebSocket endpoints for multiple documents, where WebSocket...

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40422