9 matches found

ATTACKERKB
added 2026/05/12 5:46 p.m., 6 views

CVE-2026-29204

Insufficient ownership check in clientarea.php allows an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's account...

CVSS 9.1, AI score 5.8, EPSS 0.00044
Exploits 1, References 3, Affected Software 1
Cvelist
added 2026/04/10 8:52 p.m., 18 views

CVE-2026-40252 Broken Access Control (IDOR) Leading to Cross-Tenant Application Access in FastGPT

FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability IDOR/BOLA allows any authenticated team to access and execute applications belonging to other teams by supplying a foreign appId. While the API correctly validates the team token, it does not verify...

CVSS 5.3, EPSS 0.00021
Exploits 0, References 2
GitLab Advisory Database
added 2026/03/25 12:00 a.m., 4 views

Vikjuna: IDOR in Task Attachment ReadOne Allows Cross-Project File Access and Deletion

TaskAttachment.ReadOne queries attachments by ID only WHERE id = ?, ignoring the task ID from the URL path. The permission check in CanRead validates access to the task specified in the URL, but ReadOne loads a different attachment that may belong to a task in another project. This allows any...

CVSS 8.1, AI score 5.8, EPSS 0.00044
Exploits 1, References 5, Affected Software 1
CNNVD
added 2026/01/22 12:00 a.m., 2 views

langfuse Access Control Vulnerability

Langfuse is an open-source large language model engineering platform developed by Langfuse. Versions of Langfuse 3.146.0 and earlier contained an access control vulnerability. This vulnerability stemmed from the /api/public/slack/install endpoint using ProjectId provided by unauthenticated or...

CVSS 6.3, AI score 5.9, EPSS 0.00041
Exploits 2, References 4
CNNVD
added 2025/11/19 12:00 a.m., 3 views

Rallly security vulnerability

Rallly is a scheduling and collaboration tool from Luke Vella Individual Developer designed to make it easier to organize events and meetings. A security vulnerability exists in versions of Rallly prior to 4.5.4, which stems from improper authorization and could cause an arbitrary authenticated...

CVSS 8.1, AI score 6.5, EPSS 0.0006
Exploits 1, References 2
CNNVD
added 2025/08/26 12:00 a.m., 1 view

itsourcecode Apartment Management System security vulnerability

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements for parameter ID in file /management/addmcommittee.php. An attacker can exploit th...

CVSS 9.8, AI score 7.8, EPSS 0.00066
Exploits 1, References 6
CNNVD
added 2025/08/09 12:00 a.m., 2 views

CesiumLab Web injection vulnerability

CesiumLab Web is a geographic information base data processing platform from China Earth Visualization Laboratory CesiumLab Inc. An injection vulnerability exists in CesiumLab Web 4.0 and earlier versions, which stems from a misuse of a parameter ID resulting in SQL injection...

CVSS 7.5, AI score 7.8, EPSS 0.00139
Exploits 0, References 4
CNNVD
added 2023/04/28 12:00 a.m., 3 views

AC Repair and Services System SQL injection vulnerability

AC Repair and Services System is an air conditioning repair and services system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in AC Repair and Services System version 1.0, which stems from a misuse of the parameter id resulting in SQL injection...

CVSS 6.5, AI score 6.7, EPSS 0.00278
Exploits 1, References 4
CNNVD
added 2023/01/02 12:00 a.m., 3 views

kenny2automate input validation error vulnerability

kenny2automate is a small Discord bot by the individual developers at AbyxDev. An input validation error vulnerability exists in previous versions of kenny2automate a947d7c, which stems from a failure to perform validation to ensure that the submitted channel ID actually belongs to the server bei...

CVSS 6.5, AI score 6.5, EPSS 0.0021
Exploits 0, References 4