Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/22 11:43 a.m.35 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS0.00362EPSS
Exploits0References16
OSV
OSV
added 2026/06/22 11:43 a.m.3 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS6.1AI score0.00362EPSS
Exploits0References19
Github Security Blog
Github Security Blog
added 2026/05/06 5:49 p.m.24 views

Craft CMS's Missing Authorization in GraphQL Address Resolver Allows Cross-Scope PII Disclosure

Summary The GraphQL Address element resolver src/gql/resolvers/elements/Address.php performs no schema scope filtering on top-level queries. A GraphQL API token scoped to a single low-privilege user group can read every address in the system, including addresses belonging to users in groups the...

7.1CVSS5.8AI score0.00338EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:24 a.m.4 views

CVE-2026-42438

OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media attachment loading ...

7.7CVSS5.8AI score0.00236EPSS
Exploits0References4Affected Software1
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.10 views

Update Rollup 7 for System Center 2016 Operations Manager

None None...

5.8AI score
Exploits0
Rows per page
Query Builder