Lucene search
K

114 matches found

CVE
CVE
added 9 hours ago5 views

CVE-2026-12274

The CVE-2026-12274 entry concerns the Tutor LMS WordPress plugin prior to 3.9.13. It fails to verify that a requesting user is authorized to edit a target post before overwriting it in a content-builder save handler, authenticating only against an unrelated identifier. This allows authenticated u...

6.1AI score
Exploits0References1
NVD
NVD
added 2026/06/27 8:16 a.m.16 views

CVE-2026-11987

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 via the 'id' parameter due to missing validation on a user controlled key. This...

4.3CVSS0.00271EPSS
Exploits0References14
VulnCheck KEV
VulnCheck KEV
added 2026/06/26 12:0 a.m.26 views

VulnCheck KEV: CVE-2026-55255

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

9.9CVSS5.8AI score0.00467EPSS
In wildExploits2References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39966

TypeBot is a chatbot builder tool. In versions 3.15.2, the getLinkedTypebots API endpoint returns full bot definitions to any authenticated user who references a target bot ID in a Typebot Link block, regardless of workspace ownership, leading to IDOR. The authorization check uses Array.filter wi...

6.5CVSS5.4AI score0.00256EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 12:37 p.m.6 views

CVE-2026-11369

The Comment API GET /api/Comment and POST /api/Comment in the affected application fails to perform authorization checks to verify that the requesting user has access to the object identified by the relatedObjectId. This Insecure Direct Object Reference IDOR vulnerability allows any authenticated...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/01 9:51 p.m.31 views

CVE-2026-24756 Kiteworks Secure Data Forms is vulnerable to Authorization Bypass Through User-Controlled Key

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...

4.3CVSS0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:49 p.m.11 views

CVE-2026-24755

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/21 9:13 p.m.20 views

CVE-2026-8337

Concrete CMS

6.3CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/15 9:7 p.m.39 views

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

6.5CVSS0.00277EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/15 9:7 p.m.9 views

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 9:7 p.m.23 views

CVE-2026-45666

CVE-2026-45666 — Open WebUI IDOR in notes endpoint : The API /api/v1/notes/{note_id} allowed authenticated users to read other users’ notes by guessing UUIDs prior to version 0.8.11, enabling unauthorized data disclosure. The issue is fixed in 0.8.11; per-id endpoints now enforce ownership (admin...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/14 8:27 p.m.6 views

GHSA-X3QM-P8HR-3C3H Open WebUI has an Indirect Object Reference (IDOR) in user notes

Summary The API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. This results in unauthorized disclosure of potentially sensitive or private user data. Details - if notes is...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/14 8:27 p.m.11 views

Open WebUI has an Indirect Object Reference (IDOR) in user notes

Summary The API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. This results in unauthorized disclosure of potentially sensitive or private user data. Details - if notes is...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/05/14 3:52 p.m.63 views

CVE-2026-44504 Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's threadid, can execute graph runs against the user's thread, read the user's full...

8.6CVSS0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 11:1 p.m.9 views

CVE-2026-42456 AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (IDOR)

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLLM returns the text-to-speech audio for another user's chat response within the same workspace...

4.3CVSS5.7AI score0.00301EPSS
Exploits1References3
NVD
NVD
added 2026/04/30 9:16 p.m.7 views

CVE-2026-4503

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key...

7.5CVSS0.0034EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 8:48 p.m.3 views

CVE-2026-4503

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key...

7.5CVSS5.2AI score0.0034EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/30 8:48 p.m.7 views

CVE-2026-4503 Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability in Langflow Desktop Image Download Endpoint

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/30 8:48 p.m.3 views

EUVD-2026-26435

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key...

7.5CVSS5.2AI score0.0034EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.4 views

PT-2026-36190

Name of the Vulnerable Software and Affected Versions IBM Langflow Desktop versions 1.0.0 through 1.8.4 Description An unauthenticated user can view images belonging to other users. This is possible due to an indirect object reference through a user-controlled key. Recommendations At the moment,...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References6
Rows per page
Query Builder