Lucene search
K

537 matches found

OSV
OSV
added 2026/03/12 2:23 p.m.7 views

GHSA-FMFG-9G7C-3VQ7 ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle

Summary The ha-mcp OAuth consent form beta feature accepts a user-supplied haurl and makes a server-side HTTP request to haurl/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network reconnaissance via an error oracle. Two additional co...

5.3CVSS6AI score0.00278EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 9:3 p.m.5 views

GHSA-WG9X-QFGW-PXHJ Feathers has an OAuth Callback Account Takeover issue

An unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's authentication payload has a fallback chain that reaches params.query the raw request query when Grant's session/state responses are empt...

9.3CVSS5.8AI score0.00519EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/10 9:3 p.m.3 views

Improper Authentication

Overview @feathersjs/authentication-oauth is an oAuth 1 and 2 authentication for Feathers. Powered by Grant. Affected versions of this package are vulnerable to Improper Authentication via the callback component. An attacker can gain unauthorized access to existing user accounts by sending a...

9.8CVSS5.8AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.11 views

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.6.2 had code-related vulnerabilities, which stemmed from server-side request forgeing in the notification tester...

8.8CVSS7.3AI score0.00497EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/03/05 8:19 p.m.205 views

Exploit for CVE-2026-29000

CVE-2026-29000: pac4j-jwt JwtAuthenticator authentication bypa...

10CVSS6AI score0.05856EPSS
Exploits17
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.9 views

PT-2026-23074

Name of the Vulnerable Software and Affected Versions pac4j-jwt versions prior to 4.5.9 pac4j-jwt versions prior to 5.7.9 pac4j-jwt versions prior to 6.3.3 Description An authentication bypass exists in the JwtAuthenticator component when processing encrypted JSON Web Tokens JWTs. Remote attacker...

10CVSS6.9AI score0.05856EPSS
Exploits17References58
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.12 views

pac4j-jwt 数据伪造问题漏洞

pac4j-jwt is an JWT authentication module developed by pac4j as open source. Versions of pac4j-jwt prior to 4.5.9, 5.7.9, and 6.3.3 contained a data manipulation vulnerability. This vulnerability stems from the JwtAuthenticator’s inability to properly handle encrypted JWTs, leading to an...

9.3CVSS6.7AI score0.05856EPSS
Exploits17References3
OSV
OSV
added 2026/03/03 9:15 p.m.9 views

CLSA-2026-1772572505 munge: Fix of CVE-2026-25506

CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks and input validation for address length; prevent leak of cryptographic MAC subkey and forging of arbitrary credentials...

7.8CVSS7.6AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/28 7:45 p.m.7 views

CVE-2026-27754

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies an...

6.9CVSS5.9AI score0.00116EPSS
Exploits0References1
NVD
NVD
added 2026/02/27 7:16 p.m.11 views

CVE-2026-27755

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifie...

9.8CVSS0.00402EPSS
Exploits0References2
OSV
OSV
added 2026/02/27 7:16 p.m.3 views

CVE-2026-27755

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifie...

9.8CVSS5.8AI score0.00402EPSS
Exploits0References2
CVE
CVE
added 2026/02/27 6:9 p.m.15 views

CVE-2026-27754

CVE-2026-27754 affects SODOLA SL902-SWTGW124AS firmware up to version 200.1.20, where a cryptographically broken MD5 hash is used to generate session cookies. This can enable predictable tokens and potential unauthorized access to the device due to MD5 weaknesses and token forgery. The descriptio...

6.9CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.10 views

Mailpit 安全漏洞

Mailpit is an email testing tool developed by Ralph Slooten personally. Versions of Mailpit prior to 1.29.2 contained security vulnerabilities. These vulnerabilities stemmed from the link-checking API’s execution of HTTP HEAD requests for each URL found in emails. During these requests, the targe...

8.6CVSS7.3AI score0.00468EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/25 8:25 a.m.4 views

CVE-2026-1916

The WPGSI: Spreadsheet Integration plugin for WordPress is vulnerable to unauthorized modification and loss of data due to missing capability checks and an insecure authentication mechanism on the wpgsicallBackFuncAccept and wpgsicallBackFuncUpdate REST API functions in all versions up to, and...

7.5CVSS5.6AI score0.00357EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/02/21 12:0 a.m.10 views

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos 4.6.0 and earlier contained code vulnerabilities that allowed HTTP redirection during the subscription and payment logo/icon upload process. This vulnerability could lead to server-side request...

7.7CVSS5.9AI score0.00307EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/18 3:4 p.m.12 views

Security Bulletin: Multiple vulnerabilities impact AIX/VIOS due to ISC BIND (CVE-2025-40778, CVE-2025-40780, CVE-2025-8677)

Summary Vulnerabilities in ISC BIND could allow an attacker to inject forged data into the cache CVE-2025-40778, predict the source port and query ID that BIND will use CVE-2025-40780, or cause CPU exhaustion CVE-2025-8677. AIX uses ISC BIND as as part of its DNS functions. Vulnerability Details...

8.6CVSS5.6AI score0.1096EPSS
Exploits1Affected Software2
CVE
CVE
added 2026/02/18 6:0 a.m.19 views

CVE-2026-1368

The CVE-2026-1368 issue affects the Video Conferencing with Zoom WordPress plugin prior to 4.6.6. A broken authentication flaw in a broken AJAX handler with nonce verification disabled allows unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and to retrieve the si...

7.5CVSS5.5AI score0.01211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

smolagents 安全漏洞

smolagents is a basic library for agents, open-sourced by Hugging Face. Version 1.24.0 of smolagents contains a security vulnerability. This vulnerability stems from improper request handling in the LocalPythonExecutor component, which may lead to server-side request forgeing attacks...

9.8CVSS6.6AI score0.00379EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2026/02/14 7:25 a.m.285 views

Exploit for CVE-2026-26335

👤 Author Mohammed Idrees Banyamer Security Researcher...

10CVSS6.7AI score0.02806EPSS
Exploits3
OSV
OSV
added 2026/02/12 6:8 p.m.8 views

USN-8040-1 munge vulnerability

Titouan Lazard discovered that MUNGE contained an exploitable buffer overflow in munged the MUNGE authentication daemon. A local attacker could possibly use this issue to forge MUNGE credentials, leading to arbitrary code execution...

7.8CVSS5.9AI score0.00302EPSS
Exploits0References2
Rows per page
Query Builder