63336 matches found
CVE-2026-40452
Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB. Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users. This issue affects Apache IoTDB: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users are recommended to...
EUVD-2026-42837
Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...
CVE-2026-40009
Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...
CVE-2026-21040
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...
CVE-2026-21039
Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...
CVE-2026-21041
Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...
EUVD-2026-42820
Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21050
CVE-2026-21050 describes an improper access control vulnerability in SmartThingsKit prior to the SMR Jul-2026 Release 1. The issue allows local attackers to access sensitive information due to insufficient access restrictions in the affected component. CVSS 4.0 base vector indicates LOCAL attack,...
CVE-2026-21050
Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21050
Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...
EUVD-2026-42812
Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21041
Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...
EUVD-2026-42811
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...
CVE-2026-21040
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...
CVE-2026-21040
CVE-2026-21040 affects IAFDService; the root cause is improper access control that allows local privileged attackers to use the privileged APIs prior to SMR Jul-2026 Release 1. Documented impact includes access to high-privilege APIs with local execution, and no exploitation or remediation steps ...
CVE-2026-21040
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...
EUVD-2026-42810
Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...
CVE-2026-21039
Technical details about CVE-2026-21039 are not publicly available in the provided documents. Monitor for updates from Samsung security advisories and official CVE records for affected products, versions, and mitigations.
CVE-2026-21039
Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...
CVE-2026-21039
Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...