269 matches found
CVE-2026-27761
Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...
EUVD-2026-41465
The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container...
CVE-2026-55188
RustFS’s ListRemoteTargetHandler in versions 1.0.0-alpha.1 through 1.0.0-beta.8 contains an authorization bypass that only checks for credentials and neglects to verify replication or admin permissions. This allows an authenticated user without bucket/admin rights to list remote replication targe...
CVE-2026-9221
CVE-2026-9221 affects Setracker2 Android Companion App (com.tgelec.setracker)
ROS-20260622-73-0014
The vulnerability of the Audio/Video components in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Lexmark Printers Cross-site Scripting (CVE-2019-18791)
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser. This plugin only works with Tenable.ot. Please visit...
GHSA-VMF9-XX9W-86WX PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools
PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools Summary praisonaiagents.mcp.ToolsMCPServer.runsse builds a Starlette MCP HTTP+SSE server around mcp.server.sse.SseServerTransport. The server exposes /sse and /messages/, but it does not valida...
PT-2026-49331
Name of the Vulnerable Software and Affected Versions grocy version 4.6.0 Description SQL injection occurs at the '/stockreports/spendings' endpoint through the product-group parameter. This allows attackers to access sensitive database information by using a crafted SQL statement. SQL injection ...
CVE-2026-44895
GitLab MCP Server lets an AI agent talk directly to GitLab. Prior to 0.6.0, the HTTP transport in src/transport.ts ships with no authentication layer at all and a wildcard Access-Control-Allow-Origin: on every response. The structural defect is that the SSE server stands up a stateful,...
CVE-2026-24761
Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belonging to other users due to insufficient authorization checks on resource...
CVE-2018-25405
eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters to extract...
Joomla! Responsive Portfolio SQL注入漏洞
Joomla! Responsive Portfolio is a Joomla! open source Joomla website portfolio extension. A SQL injection vulnerability exists in Joomla! Responsive Portfolio version 1.6.1, which stems from SQL injection of multiple filter parameters, which could lead to an authenticated attacker injecting...
CVE-2026-8236 Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate for endpoint /ccm/system/dialogs/file/usage/{fID}
Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate. The endpoint /ccm/system/dialogs/file/usage/fID accepts an integer file ID in the URL and returns internal site structure data page IDs, versions, URL paths to anyone who sends a GET request. The...
CVE-2026-8598
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials...
CVE-2026-8598
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials...
MAL-2026-4676 Malicious code in svharness (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3aef9a7535c16df930fdb10e5b60773f5ba2e0a8cd102d53a4cc3da122cfd473 When the documented svharness build --baseline or svharness wizard command is run, the tool's default 'tasks' wiki mode scans and bundles the caller'...
Astra Linux – Vulnerability in Consul
HashiCorp Consul and Consul Enterprise 1.10.1: The TXN.Apply endpoint allows for the registration of proxies for other services, enabling access to service traffic. This feature was fixed in versions 1.8.15, 1.9.9, and 1.10.2...
PT-2026-42207
Name of the Vulnerable Software and Affected Versions Algernon versions prior to 1.17.7 Description On Linux and macOS, the SSE event server binds to 0.0.0.0:5553 by default, making it accessible to any peer on the same local area network LAN. This occurs because the platform-dependent host defau...
Rocket.Chat: Autotranslate DDP Method Exposes Private Messages Without Authentication or Room Access Check
Vulnerability description not provided...
CVE-2026-6402 webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins
webpack-dev-server versions up to and including 5.2.3 are vulnerable to cross-origin source code exposure when serving over a non-potentially trustworthy origin such as plain HTTP. The previous fix relied on the Sec-Fetch-Mode and Sec-Fetch-Site request headers, which browsers omit for...