Lucene search
+L

67 matches found

Cvelist
Cvelist
added 2 days ago35 views

CVE-2024-23567

HCL Aftermarket EPC is affected by Sensitive Information in GET method & in URL which allows application to pass sensitive data via URL parameters during normal usage. Data passed in this manner can be exposed because it may end up stored in unintended locations, including server logs, local...

4.3CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-62386

The Grav API plugin getgrav/grav-plugin-api before 1.0.0-rc.16 accepts JWT access tokens through the ?token= URL query parameter on every API route JwtAuthenticator::extractBearerToken fallback. Because tokens are embedded in URLs, they are logged verbatim in web server access logs, leaked via th...

8.2CVSS0.00269EPSS
Exploits0References2
NVD
NVD
added 3 days ago10 views

CVE-2026-46515

Frogman provides headless PBX control through MCP and HTTP API. Prior to 1.6.3, PERMREAD access was sufficient to call fmlistmanagers, fmlistpinsets, fmshowcontext, fmgetmcpconfig, fmbackupstatus, fmwhoscalling, fmrunsavedquery, and fmdiagnosetrunk, exposing AMI manager secrets, outbound dial PIN...

9.3CVSS0.00323EPSS
Exploits0References6
CVE
CVE
added 3 days ago12 views

CVE-2026-46515

CVE-2026-46515 (Frogman) affects Frogman’s headless PBX control via MCP and HTTP API. Before version 1.6.3, a PERM_READ privilege was sufficient to call multiple endpoints (fm_list_managers, fm_list_pinsets, fm_show_context, fm_get_mcp_config, fm_backup_status, fm_whos_calling, fm_run_saved_query...

9.3CVSS6.2AI score0.00323EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/08 3:44 p.m.31 views

CVE-2026-59262 AFFiNE - Unauthorized Document Edit History Access via GraphQL histories Field

AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails...

7.1CVSS0.00238EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/08 3:44 p.m.5 views

EUVD-2026-42314

AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails...

7.1CVSS6AI score0.00238EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40426

Capgo console.capgo.app/login before 12.128.2 accepts accesstoken and refreshtoken in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious links to force victims into attacker-controlled sessions, exposing tokens in browser history and logs...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/18 10:12 p.m.26 views

CVE-2026-56077 PraisonAI - Information Disclosure via Shared MultiAgentLedger State

PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expo...

7.1CVSS0.00256EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 2:3 p.m.40 views

CVE-2026-45563 Roxy-WI: IDOR — any authenticated user can read another user's full action history

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history// re-uses the serverip path parameter as a user-id when service == 'user', with no authorization check. Any authenticated user — even a guest in an unrelated group —...

4.3CVSS0.00176EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 2:3 p.m.22 views

CVE-2026-45563

CVE-2026-45563 affects Roxy-WI, a web interface for managing HAProxy, Nginx, Apache and Keepalived. In versions ≤ 8.2.6.4, GET /history// re-uses the server_ip path parameter as a user-id when service == 'user', without any authorization check. This enables any authenticated user (including a gue...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 2:3 p.m.3 views

CVE-2026-45563 Roxy-WI: IDOR — any authenticated user can read another user's full action history

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history// re-uses the serverip path parameter as a user-id when service == 'user', with no authorization check. Any authenticated user — even a guest in an unrelated group —...

4.3CVSS6AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 1:39 p.m.13 views

GHSA-VRMH-5MMX-HJWX Nezha's private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data

Private services EnableShowInService: false are enumerable via per-server endpoints, leaking name and timing data CWE: CWE-285 Improper Authorization via CWE-200 Exposure of Sensitive Information to an Unauthorized Actor and CWE-863 Incorrect Authorization — inconsistent gating across data-reader...

5.3CVSS5.7AI score0.00253EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.25 views

PT-2026-48602

Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.2 Description After the handleOperatorCreateAPIKey function in internal/web/operators.go:251 generates a 32-byte bearer token, the application redirects the browser to the endpoint /ui/operators/?new key=&key...

5.5CVSS5.9AI score0.00012EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/09 7:35 a.m.8 views

CVE-2026-34905 Apache Answer: Unlisted Questions Accessible via Direct API Access

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenticated users to discover and access unlisted...

5.4AI score0.00325EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:47 p.m.11 views

Security Bulletin: Unauthenticated Session History Access via Public Flow Execution

Summary A session ID namespace bypass vulnerability existed in Langflow OSS' POST /api/v1/buildpublictmp/flowid/flow endpoint that allowed unauthenticated attackers to access chat history from other users' sessions. The endpoint accepted an inputs.session parameter that could override the session...

8.1CVSS5.5AI score0.00248EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/05/28 8:59 p.m.13 views

EUVD-2026-33059

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bearer tokens passed...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:13 p.m.15 views

CVE-2025-62317 HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters.

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions...

2.6CVSS5.8AI score0.00115EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/12 6:17 p.m.15 views

PYSEC-2026-30

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/05/12 4:33 p.m.13 views

EUVD-2026-29537

Zulip is an open-source team collaboration tool. Prior to 12.0, With messageedithistoryvisibilitypolicy set to "moves", /api/v1/messages/id/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This...

6CVSS5.8AI score0.00247EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/05 7:8 p.m.13 views

AVideo: Password Hash Leak in MobileManager OAuth Redirect URL Enables Account Takeover

Summary plugin/MobileManager/oauth2.php completes an OAuth login by sending an HTTP 302 Location: oauth2Success.php?user=&pass= where is the victim's stored password hash md5hash"whirlpool", sha1password read directly from the users table. AVideo's own login endpoint objects/login.json.php accept...

6.8CVSS5.8AI score0.00285EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder