GHSA-5F53-522J-J454 Flowise Missing Authentication on NVIDIA NIM Endpoints

Missing Authentication on NVIDIA NIM Endpoints Summary The NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. Vulnerability Details | Field | Value |...

CVE-2026-1103

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verifyuserloggedin' as a permission callback, which only checks if a...

CVE-2024-13982

SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...

PT-2025-34953 · Spon Communications · Spon Ip Network Broadcast System

Name of the Vulnerable Software and Affected Versions: SPON IP Network Broadcast System affected versions not specified Description: SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read flaw. The issue stems from...