Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/06/23 4:28 p.m.5 views

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

8.4CVSS6.2AI score0.00233EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/10/28 12:27 a.m.11 views

CVE-2025-60982

IDOR vulnerability in Educare ERP 1.0 2025-04-22 allows unauthorized access to sensitive data via manipulated object references. Affected endpoints do not enforce proper authorization checks, allowing authenticated users to access or modify data belonging to other users by changing object...

5.4CVSS6.5AI score0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/29 12:0 a.m.4 views

PT-2025-27373 · Undefined · Undefined

🚨 Fedora 41 just dropped a critical Moodle security update! ✅ Fixes SSRF, IDOR, and password caching flaws CVE-2025-49513 to CVE-2025-49518. Read more: 👉 https://t.co/Nl2zuUwoVS LinuxSecurity EdTech https://t.co/CACOiVyRhw...

7.5AI score
Exploits0References1
Exploit DB
Exploit DB
added 2025/05/01 12:0 a.m.274 views

Daikin Security Gateway 14 - Remote Password Reset

Daikin Security Gateway 214 - Remote Password Reset Vendor: Daikin Industries, Ltd. Product web page: https://www.daikin.com https://www.daikin.eu/enus/products/product.html/DRGATEWAYAA.html Affected version: App: 100, Frm: 214 Summary: The Security gateway allows the iTM and LC8 controllers to...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/04/28 12:0 a.m.256 views

Daikin Security Gateway v214 Remote Password Reset

Summary The Security gateway allows the iTM and LC8 controllers to connect through the Security gateway to the Daikin Cloud Service. Instead of sending the report to the router directly, the iTM or LC8 controller sends the report to the Security gateway first. The Security gateway transforms the...

9.8CVSS5.8AI score0.00607EPSS
Exploits1
OSV
OSV
added 2025/04/25 3:31 p.m.7 views

GHSA-CHMF-M33P-PH8M Moodle allows IDOR in RSS block, which allows access to additional RSS feeds

A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks...

4.3CVSS9.2AI score0.00278EPSS
Exploits0References7
Rows per page
Query Builder