56 matches found

Source: CVE | added 2026/06/24 5:33 a.m.

CVE-2026-9175

The CVE concerns the WordPress plugin Devs Accounting – Simple Accounting and Invoicing Solution, affected versions up to 1.2.0. The root cause is a REST endpoint get-account in get_single_account() where the permission_callback unconditionally returns true, resulting in missing authorization for...

CVSS 5.3 | AI score 6 | EPSS 0.00348
Exploits: 0 | References: 3
Source: Positive Technologies | added 2026/06/24 12:00 a.m.

PT-2026-52081

Name of the Vulnerable Software and Affected Versions: Twenty versions prior to 2.9.0. Description: An insecure direct object reference (IDOR) exists in the AI agent monitor's AgentTurnResolver and the agent-turn-grader.service.ts file. The agentTurnsagentId query and the evaluateAgentTurnturnId...

CVSS 7.6 | AI score 5.8 | EPSS 0.00191
Exploits: 0 | References: 4
Source: Positive Technologies | added 2026/06/23 12:00 a.m.

PT-2026-51633

Name of the Vulnerable Software and Affected Versions: Gogs versions prior to 0.14.3. Description: Gogs contains an information disclosure issue where the 'GET /api/v1/orgs/:orgname/teams' endpoint returns all teams for any organization without requiring authentication. This occurs because the route...

CVSS 6.9 | AI score 5.9 | EPSS 0.01553
Exploits: 0 | References: 11
Source: Positive Technologies | added 2026/06/16 12:00 a.m.

PT-2026-50181

Name of the Vulnerable Software and Affected Versions: Daytona versions prior to 0.185.0. Description: Organization role update and delete endpoints authorized the caller as an owner of the organization in the request path but mutated the target role using only its identifier, without verifying the...

CVSS 7.7 | AI score 5.8 | EPSS 0.00186
Exploits: 0 | References: 5
Source: RedhatCVE | added 2026/05/27 2:12 a.m.

CVE-2026-38587

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ONLYOFFICE DocSpace before 3.2.1. The flaw exists in multiple REST API endpoints. This allows authenticated users with low-level permissions (User or Guest) to retrieve sensitive information, such as the Owner's unique...

CVSS 4.3 | AI score 5.8 | EPSS 0.00221
Exploits: 0 | References: 1
Source: Github Security Blog | added 2026/05/14 8:24 p.m.

Open WebUI has Broken Access Control for Completions API

Summary: Any user X can continue the conversation of any other user Y, as long as the Chat ID of Y is known. User X does not even need to be an admin to do so. Details: A user just needs to use the API endpoint /api/chat/completions with their own API key generated in OWUI and the Chat ID of anoth...

CVSS 7.1 | AI score 5.8 | EPSS 0.00231
Exploits: 1 | References: 5 | Affected software: 1
Source: Positive Technologies | added 2026/05/14 12:00 a.m.

PT-2026-41179

Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.0. Description: An issue exists where a user can continue the conversation of another user if the target user's Chat ID is known. This occurs because the system fails to verify if the Chat ID matches the user who...

CVSS 7.1 | AI score 5.8 | EPSS 0.00231
Exploits: 1 | References: 6
Source: RedhatCVE | added 2026/04/14 1:23 a.m.

CVE-2026-40077

Beszel is a server monitoring platform. Prior to 0.18.7, some API endpoints in the Beszel hub accept a user-supplied system ID and proceed without further checks that the user should have access to that system. As a result, any authenticated user can access these routes for any system if they kno...

CVSS 3.5 | AI score 5.8 | EPSS 0.00219
Exploits: 1 | References: 1
Source: ATTACKERKB | added 2026/04/08 12:59 p.m.

CVE-2026-35023

Wimi Teamwork On-Premises versions prior to 8.2.0 contain an insecure direct object reference vulnerability in the preview.php endpoint where the itemid parameter lacks proper authorization checks. Attackers can enumerate sequential itemid values to access and retrieve image previews from other...

CVSS 5.3 | AI score 5.9 | EPSS 0.00179
Exploits: 0 | References: 3
Source: Positive Technologies | added 2026/03/30 12:00 a.m.

PT-2026-29161

Name of the Vulnerable Software and Affected Versions: MCP Java SDK versions prior to 1.0.1; MCP Java SDK versions prior to 1.1.1. Description: The MCP Java SDK contains a hardcoded wildcard Cross-Origin Resource Sharing (CORS) configuration, specifically setting Access-Control-Allow-Origin to '*'. This...

CVSS 6.1 | AI score 7.5 | EPSS 0.00222
Exploits: 0 | References: 11
Source: RedhatCVE | added 2026/03/28 4:59 p.m.

CVE-2026-4984

The Twilio integration webhook handler accepts any POST request without validating Twilio's 'X-Twilio-Signature'. When processing media messages, it fetches user-controlled URLs ('MediaUrlN' parameters) using HTTP requests that include the integration's Twilio credentials in the 'Authorization'...

CVSS 8.2 | AI score 6 | EPSS 0.00156
Exploits: 0 | References: 1
Source: Vulnrichment | added 2026/03/20 5:52 a.m.

CVE-2026-33043 AVideo affected by Session Hijacking via Unauthenticated Session ID Disclosure with Permissive CORS

WWBN AVideo is an open source video platform. In versions 25.0 and below, /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials...

CVSS 8.1 | AI score 5.8 | EPSS 0.00345
Exploits: 1 | References: 2
Source: OSV | added 2026/03/16 9:17 p.m.

GHSA-WWG8-6FFR-H4Q2 Admidio is Missing CSRF Validation on Role Delete, Activate, and Deactivate Actions

Summary: The delete, activate, and deactivate modes in modules/groups-roles/groupsroles.php perform destructive state changes on organizational roles but never validate an anti-CSRF token. The client-side UI passes a CSRF token to callUrlHideElement, which includes it in the POST body, but the...

CVSS 5.7 | AI score 6 | EPSS 0.0013
Exploits: 1 | References: 4
Source: RedhatCVE | added 2026/03/07 7:59 a.m.

CVE-2026-28682

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, the upload status SSE implementation on /uploadStatus publishes global upload state to any authenticated listener and includes fileid values that are not scoped to the requesting...

CVSS 6.4 | AI score 5.7 | EPSS 0.00133
Exploits: 0 | References: 1
Source: CVE | added 2026/02/25 6:48 p.m.

CVE-2026-25930

OpenEMR before version 8.0.0 is affected by a vulnerability in the Layout-Based Form (LBF) printable view: the request can supply formid and visitid/patientid without verifying that the form belongs to the authenticated user’s patient/encounter. An authenticated user with LBF access can enumerate...

CVSS 6.5 | AI score 5.5 | EPSS 0.0026
Exploits: 1 | References: 2 | Affected software: 1
Source: OSV | added 2026/02/02 5:31 p.m.

GHSA-6WHJ-7QMG-86QJ Khoj has an IDOR in Notion OAuth Flow that Enables Index Poisoning

Summary: An IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying that the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion...

CVSS 5.4 | AI score 5.7 | EPSS 0.00361
Exploits: 1 | References: 5
Source: CVE | added 2026/01/24 8:26 a.m.

CVE-2026-0633

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor (WordPress)

CVSS 3.7 | AI score 5.5 | EPSS 0.00187
Exploits: 0 | References: 2
Source: OSV | added 2025/12/19 3:31 p.m.

GHSA-R2H2-G46H-8MX8 pretix has Broken Access Control Allowing Cross-User File Access via UUID

Multiple API endpoints allowed access to other users' sensitive files, which were not intended to be accessible by UUID alone, to anyone who knew the file's UUID...

CVSS 7 | AI score 6.7 | EPSS 0.00226
Exploits: 0 | References: 4
Source: NVD | added 2025/12/19 1:16 p.m.

CVE-2025-14882

An API endpoint allowed access to other users' sensitive files, which were not intended to be accessible by UUID alone, to anyone who knew the file's UUID...

CVSS 7 | EPSS 0.00226
Exploits: 0 | References: 1
Source: OSV | added 2025/11/17 7:16 p.m.

CVE-2025-63292

Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

CVSS 3.5 | AI score 5.9 | EPSS 0.00097
Exploits: 1 | References: 2