Lucene search
K

6376 matches found

NVD
NVD
added 2026/06/23 9:17 p.m.7 views

CVE-2026-53928

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. passwordChange and passwordReset deleted the user's refresh tokens, but passwordForg...

6.3CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:38 p.m.26 views

CVE-2026-46552 NocoDB: Shared-base link access can invite arbitrary users as persistent base members

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email in...

5.8CVSS0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:3 p.m.5 views

CVE-2026-53928

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. passwordChange and passwordReset deleted the user's refresh tokens, but passwordForg...

6.3CVSS5.9AI score0.00242EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/23 6:11 p.m.7 views

EUVD-2026-38566

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitations could be accepted and declined by a user whose email matched the invitation but had not been verified. Daytona authenticates users via OIDC and...

8.4CVSS6.2AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:17 p.m.9 views

CVE-2026-55255

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

9.9CVSS0.00233EPSS
Exploits2References2
NVD
NVD
added 2026/06/23 5:17 p.m.10 views

CVE-2026-54305

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, three EE endpoints used by the Dynamic Credentials feature accepted any authenticated n8n session without performing per-resource ownership or scope checks on the target workflow or credential. An...

9.9CVSS0.00343EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:17 p.m.6 views

CVE-2026-45732

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, the OAuth1 and OAuth2 credential reconnect endpoints authorized access using credential:read rather than credential:update. An authenticated user with read-only access to a shared credential could initiate ...

8.3CVSS0.00315EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/23 4:42 p.m.8 views

Gogs has an Open Redirect via redirect_to

Summary An open redirect vulnerability exists in Gogs where attacker-controlled redirectto parameters can bypass validation, allowing redirection to arbitrary external sites. Details All redirects in Gogs that are validated via the IsSameSite function are vulnerable: go func IsSameSiteurl string...

5.4CVSS5.9AI score0.00554EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/23 4:28 p.m.68 views

CVE-2026-55255

Langflow CVE-2026-55255 is an IDOR in the /api/v1/responses endpoint where an attacker can execute a victim’s flow by supplying its UUID. The root cause was loading a Flow by UUID without enforcing ownership, via get_flow_by_id_or_endpoint_name; the patched fix (Langflow 1.9.1) adds an owner chec...

9.9CVSS5.9AI score0.00233EPSS
In wildExploits2References2Affected Software1
CVE
CVE
added 2026/06/23 4:25 p.m.48 views

CVE-2026-48519

Langflow CVE-2026-48519 exposes unauthenticated RCE via the Shareable Playground. Affected: Langflow prior to 1.9.2. Vulnerable route: /api/v1/build_public_tmp permits executing any public flow; payloads can inject arbitrary Python code into data.nodes[X].data.node.template.code.value. Impact is ...

9.6CVSS6.3AI score0.00688EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/06/23 3:45 p.m.18 views

CVE-2026-54305

CVE-2026-54305 affects n8n Enterprise instances using the Dynamic Credentials EE Endpoints. Prior to versions 1.123.55, 2.25.7, and 2.26.2, three Dynamic Credentials endpoints accepted any authenticated session without per-resource ownership or scope checks on the target workflow or credential. A...

9.9CVSS6AI score0.00343EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 12:13 p.m.39 views

CVE-2026-56275 Flowise - Server-Side Request Forgery via Execute Flow Base URL

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS0.00183EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:13 p.m.6 views

CVE-2026-56275

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS5.9AI score0.00183EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/23 12:13 p.m.9 views

EUVD-2026-38435

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS5.9AI score0.00183EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 12:13 p.m.12 views

CVE-2026-56275

CVE-2026-56275 concerns Flowise prior to 3.1.0, where the Execute Flow node is vulnerable to a server-side request forgery (SSRF). By supplying intranet addresses in the base URL field, an attacker can bypass security validation and initiate HTTP requests to internal network addresses, potentiall...

7.1CVSS5.9AI score0.00183EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51508

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description A server-side request forgery SSRF issue exists in the Execute Flow node. This occurs due to missing secureFetch verification in httpSecurity.ts, allowing attackers to bypass security validation by...

7.1CVSS5.8AI score0.00183EPSS
Exploits1References8
NVD
NVD
added 2026/06/22 4:16 p.m.9 views

CVE-2026-11942

Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the reusable delete confirmation flow. A user with permission to create or modify records, such as Items, can store HTML/JavaScript in the record name...

4.8CVSS0.00261EPSS
Exploits0References2
CVE
CVE
added 2026/06/22 3:18 p.m.12 views

CVE-2026-11942

CVE-2026-11942 affects Akaunting 3.1.21. The vulnerability is an authenticated stored cross-site scripting flaw in the reusable delete confirmation flow: a user with permission to create or modify records (e.g., Items) can store HTML/JavaScript in a record name, which could be reflected to other ...

4.8CVSS5.7AI score0.00261EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 3:18 p.m.8 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References6
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.6 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS5.9AI score0.11471EPSS
Exploits8References6
Rows per page
Query Builder