CVE-2026-56781

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...

EUVD-2026-40157

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...

CVE-2023-30843

Payload is a free and open source headless content management system. In versions prior to 1.7.0, if a user has access to documents that contain hidden fields or fields they do not have access to, the user could reverse-engineer those values via brute force. Version 1.7.0 contains a patch. As a...

PT-2023-22998 · Pyload · Pyload

Name of the Vulnerable Software and Affected Versions: Payload versions prior to 1.7.0 Description: The issue allows a user to reverse-engineer hidden field values via brute force if they have access to documents containing these fields. This can be done by attempting to access hidden field data...