Lucene search
K

45 matches found

EUVD
EUVD
added 4 days ago5 views

EUVD-2026-40890

The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the...

4.3CVSS5.8AI score0.00293EPSS
Exploits0References20
Cvelist
Cvelist
added 2026/06/21 1:26 p.m.29 views

CVE-2026-56229 Capgo - Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/logs

Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access build jobs belonging to different applications by supplying a mismatched appid and jobid combination. Limited API keys restricted to a single app can...

7.1CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/06/21 1:26 p.m.13 views

CVE-2026-56229

Capgo before 12.128.2 has an authorization bypass in /build/status and /build/logs that lets an attacker access build jobs from other apps by mixing app_id and job_id. Limited API keys scoped to one app can read status/logs across apps by using an authorized app_id with a job_id from another app,...

7.1CVSS5.9AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 7:51 a.m.16 views

EUVD-2026-33592

A bug in Apache Airflow's bulk Task Instances API PATCH/DELETE /api/v2/dags/dagid/dagRuns/dagrunid/taskInstances evaluated authorization against the dagid resolved from the URL path while operating on the dagid / dagrunid extracted from request-body entity fields. An authenticated UI/API user wit...

5.8AI score0.00458EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.9 views

PT-2026-45976

A bug in Apache Airflow's bulk Task Instances API PATCH/DELETE /api/v2/dags/dag id/dagRuns/dag run id/taskInstances evaluated authorization against the dag id resolved from the URL path while operating on the dag id / dag run id extracted from request-body entity fields. An authenticated UI/API...

7.5CVSS5.8AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/28 4:50 p.m.9 views

CVE-2026-45297

OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, there is a cross-tenant IDOR on feature-flag and assist-stats routes via projectid case mismatch. ProjectAuthorizer.call OSS api/auth/authproject.py:14-38 and EE ee/api/auth/authproject.py:14-46 only runs...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44458

OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, there is a cross-tenant IDOR on feature-flag and assist-stats routes via project id case mismatch. ProjectAuthorizer. call OSS api/auth/auth project.py:14-38 and EE ee/api/auth/auth project.py:14-46 only runs projects.is...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: octeonep VF: Fixed the issue where the devid used in the freeirq function did not match the original devid during the IRQ rollback process. The octepvfrequestirqs function requests MSI-X queues for IRQs using ioqvector as th...

7.8CVSS5.7AI score0.00152EPSS
Exploits0References2
CVE
CVE
added 2026/05/15 5:6 p.m.14 views

CVE-2026-42207

OpenMage/magento-lts before version 20.18.0 is affected by an open redirect in Mage_ProductAlert_AddController::stockAction(). If the product_id does not reference a catalog product, the handler redirects to the URL supplied in the uenc parameter without validating it via _isUrlInternal(), allowi...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 5:6 p.m.12 views

EUVD-2026-30570

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, MageProductAlertAddController::stockAction reads the uenc query parameter and passes...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-43047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: multitouch: Check to ensure report responses match the request It is possible for a malicious or clumsy device to respond to a specific report's feature...

7.8CVSS7.1AI score0.0012EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 2:15 p.m.24 views

CVE-2026-43047

The CVE-2026-43047 issue concerns the Linux kernel HID multitouch subsystem. A malicious or misconfigured HID device could answer a feature request with a different report ID than requested, causing the HID core to misinterpret data and potentially trigger out-of-bounds writes. The bug is fixed b...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.12 views

CVE-2026-43001

An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credentia...

8.5CVSS5.8AI score0.00446EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/02 8:26 a.m.3 views

CVE-2026-29133 UID Regex Bypass

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address...

5.3CVSS5.9AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/24 3:44 p.m.4 views

CVE-2026-33678

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, TaskAttachment.ReadOne queries attachments by ID only WHERE id = ?, ignoring the task ID from the URL path. The permission check in CanRead validates access to the task specified in the URL, but ReadOne loads ...

8.1CVSS5.8AI score0.00265EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/03/18 6:16 p.m.3 views

CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

5.5CVSS0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/03/18 6:16 p.m.7 views

UBUNTU-CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References6
CVE
CVE
added 2026/03/18 5:44 p.m.13 views

CVE-2026-23265

Summary: CVE-2026-23265 relates to the Linux kernel F2FS filesystem. The issue arises from a faulty sanity check on the node footer during read/end_io paths, leading to an inconsistency between the node page index (nid) and footer.nid. If a node page footer is corrupted (e.g., in a fuzzed image) ...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/02/26 1:16 a.m.14 views

CVE-2026-27840

ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are still considered valid. Zitadel uses a symmetric AES encryption for opaque tokens. The cleartext...

4.3CVSS0.00142EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/25 3:15 p.m.7 views

CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

7.8CVSS5.7AI score0.00152EPSS
Exploits0References5
Rows per page
Query Builder