Lucene search
K

63336 matches found

NVD
NVD
added yesterday4 views

CVE-2026-40452

Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB. Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users. This issue affects Apache IoTDB: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users are recommended to...

7.5CVSS0.0014EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-42837

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00132EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-40009

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00132EPSS
Exploits0References2Affected Software1
NVD
NVD
added yesterday7 views

CVE-2026-21040

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS0.00099EPSS
Exploits0References1
NVD
NVD
added yesterday7 views

CVE-2026-21041

Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added yesterday8 views

CVE-2026-21039

Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...

6.9CVSS0.00105EPSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-42820

Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-21050

CVE-2026-21050 describes an improper access control vulnerability in SmartThingsKit prior to the SMR Jul-2026 Release 1. The issue allows local attackers to access sensitive information due to insufficient access restrictions in the affected component. CVSS 4.0 base vector indicates LOCAL attack,...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-21050

Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday7 views

CVE-2026-21050

Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

5.1CVSS0.00105EPSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42812

Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.9AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-21041

Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.9AI score0.00105EPSS
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-42811

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS5.9AI score0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-21040

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS5.9AI score0.00099EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday7 views

CVE-2026-21040

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS0.00099EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-21040

CVE-2026-21040 affects IAFDService; the root cause is improper access control that allows local privileged attackers to use the privileged APIs prior to SMR Jul-2026 Release 1. Documented impact includes access to high-privilege APIs with local execution, and no exploitation or remediation steps ...

6.9CVSS5.9AI score0.00099EPSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42810

Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...

6.9CVSS5.9AI score0.00105EPSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-21039

Technical details about CVE-2026-21039 are not publicly available in the provided documents. Monitor for updates from Samsung security advisories and official CVE records for affected products, versions, and mitigations.

6.9CVSS5.9AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-21039

Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...

6.9CVSS5.9AI score0.00105EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday8 views

CVE-2026-21039

Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...

6.9CVSS0.00105EPSS
Exploits0References1
Rows per page
Query Builder