Lucene search
K

7 matches found

OSV
OSV
added 2026/06/18 1:7 p.m.4 views

GHSA-6X8V-2FQ5-2229 ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers

Summary A flaw in the user lifecycle enforcement allowed deleted users to retain their original organization/tenant association. Recreating a deleted user under a distinct organization can cause the new user instance to be incorrectly provisioned within the original organization if the previous I...

2.3CVSS5.5AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.16 views

PT-2026-50739

Name of the Vulnerable Software and Affected Versions ZITADEL versions 4.0.0 through 4.15.1 ZITADEL versions 3.0.0 through 3.4.11 Description A flaw in user lifecycle enforcement allows deleted users to retain their original organization or tenant association. When a user is deleted, the historic...

2.3CVSS5.9AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/11/20 10:41 p.m.5 views

CVE-2025-13420

A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store/EventStore.php. This manipulation of the argument eventSubject causes sql injection. The attack can be initiated remotely. The exploit has been ma...

9.8CVSS7.1AI score0.00339EPSS
Exploits1References1
NVD
NVD
added 2025/11/19 11:15 p.m.3 views

CVE-2025-13420

A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store/EventStore.php. This manipulation of the argument eventSubject causes sql injection. The attack can be initiated remotely. The exploit has been ma...

9.8CVSS0.00339EPSS
Exploits1References5
CVE
CVE
added 2025/11/19 10:32 p.m.13 views

CVE-2025-13420

CVE-2025-13420 affects itsourcecode Human Resource Management System 1.0. The issue is a vulnerability in processing the eventSubject argument in /src/store/EventStore.php, enabling SQL injection. Exploitation is possible remotely and public exploits exist. Multiple sources (NVD, Red Hat, CVE lis...

9.8CVSS7.2AI score0.00339EPSS
Exploits1References5Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in hapi-event-store (npm)

The package hapi-event-store was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-22178 Malicious code in hapi-event-store (npm)

The package hapi-event-store was found to contain malicious code...

7.2AI score
Exploits0
Rows per page
Query Builder