2072 matches found
CVE-2026-61503
Rejetto HFS 3.0.0 through 3.2.0 returns observably different responses from its login endpoint depending on whether the submitted username exists. A remote unauthenticated attacker can use this to confirm valid account names, including the default admin account, facilitating password-guessing and...
CVE-2026-61503
CVE-2026-61503 – Rejetto HFS : Affects HFS 3.0.0–3.2.0. The login endpoint returns observably different responses depending on whether the username exists, enabling remote, unauthenticated actors to confirm valid accounts (including the default admin) and facilitating password guessing and sessio...
CVE-2026-56296 Cap-go - App Existence Oracle via Unauthenticated transfer_app RPC
Cap-go before 12.128.2 contains an information disclosure vulnerability in the public.transferapp RPC function that returns distinct error messages for existing versus non-existing app IDs. Unauthenticated attackers can enumerate valid app IDs by observing error message differences when calling...
CVE-2026-58492
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-49274
Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites using the pages field with roles that have the pages.access permission disabled allowed authenticated users to provide an inaccessible parent page or site to the page picker backend and confirm arbitrary page...
CVE-2026-56284 Capgo - Unauthenticated Metrics Disclosure via get_total_metrics RPC
Capgo Cap-go/capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST RPC function public.gettotalmetricsorgid, which is callable by the anon role using only the public sbpublishable key. An unauthenticated attacker can probe organization existence and leak...
CVE-2026-56284
Capgo (Cap-go/capgo) before version 12.128.2 has an information disclosure flaw in the Supabase PostgREST RPC function public.get_total_metrics(org_id). The RPC is callable by the anon role using only the public sb_publishable_* key, allowing an unauthenticated attacker to probe organization exis...
EUVD-2026-42253
Capgo Cap-go/capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST RPC function public.gettotalmetricsorgid, which is callable by the anon role using only the public sbpublishable key. An unauthenticated attacker can probe organization existence and leak...
CVE-2026-56812
The Phoenix JavaScript presence client suffers a client-side denial of service due to an unsafe existence check in Presence.syncState() and Presence.syncDiff(). By using a bare truthiness test (state[key]) to detect existing presences, attacker-controlled keys that collide with Object.prototype (...
CVE-2026-53422
Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...
UBUNTU-CVE-2026-53422
Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...
CVE-2026-53422
Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...
CVE-2026-53422
CVE-2026-53422 describes an observable response discrepancy in Erlang/OTP ssh_sftpd where the REALPATH handling bypasses the root check, enabling an authenticated SFTP user to determine the existence of files/directories outside the configured root. The uncanonicalized path can trigger resolve_sy...
CVE-2026-53422 SFTP REALPATH path-existence oracle allowing filesystem enumeration outside configured root
Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...
EEF-CVE-2026-53422 SFTP REALPATH path-existence oracle allowing filesystem enumeration outside configured root
Summary Observable Response Discrepancy vulnerability in Erlang OTP ssh ssh\sftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH\FXP\REALPATH handler in ssh\sftpd calls relate\file\name/3 with...
EUVD-2026-40438
Capgo before 12.128.2 contains an information disclosure vulnerability in the public.inviteusertoorg RPC function that allows unauthenticated attackers to enumerate organization existence by observing distinct error responses. Attackers can call the SECURITY DEFINER function with a publishable AP...
CVE-2026-56327
Capgo before 12.128.2 contains an information disclosure vulnerability in the public.invite_user_to_org RPC that allows unauthenticated attackers to enumerate organization existence by observing distinct error responses. Attackers can call a SECURITY DEFINER function with a publishable API key to...
CVE-2026-56327 Capgo - Unauthenticated Organization Existence Oracle via public.invite_user_to_org RPC
Capgo before 12.128.2 contains an information disclosure vulnerability in the public.inviteusertoorg RPC function that allows unauthenticated attackers to enumerate organization existence by observing distinct error responses. Attackers can call the SECURITY DEFINER function with a publishable AP...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the id parameter in playlist operations. An attacker can access or delete other users' playlists, and probe for the existence of arbitrary files by supplying a crafted base64-encoded...
CVE-2026-44731
OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid account and discloses the user's full name, allowing an attacker to enumerate all existing user account...