22 matches found

Github Security Blog
added 2026/03/31 11:07 p.m. · 6 views

Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface

A single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data (e.g. SSH keys, ntds.dit) or destroying the entire compromised infrastructure, entirely through the operator's own...

CVSS 8.8 · AI score 5.9 · EPSS 0.00396
Exploits: 1 · References: 3 · Affected software: 1
NVD
added 2026/03/31 10:16 p.m. · 2 views

CVE-2026-34449

SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Execution (RCE) on any desktop running SiYuan by exploiting the permissive CORS policy (Access-Control-Allow-Origin: * + Access-Control-Allow-Private-Network: true) to inject a JavaScri...

CVSS 9.6 · EPSS 0.00499
Exploits: 1 · References: 3
Vulnrichment
added 2026/03/31 3:25 p.m. · 6 views

CVE-2026-34227 Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SS...

CVSS 5.9 · AI score 5.8 · EPSS 0.00396
Exploits: 1 · References: 1
Vulnrichment
added 2026/01/26 5:49 p.m. · 5 views

CVE-2026-24435 Tenda W30E V2 Permissive CORS Allows Cross-origin Data Access

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 implement an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The device sets Access-Control-Allow-Origin: * in combination with Access-Control-Allow-Credentials: true, allowing...

CVSS 7.1 · AI score 5.9 · EPSS 0.00211
Exploits: 0 · References: 2
ATTACKERKB
added 2026/01/26 5:49 p.m. · 7 views

CVE-2026-24435

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 implement an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The device sets Access-Control-Allow-Origin: * in combination with Access-Control-Allow-Credentials: true, allowing...

CVSS 7.1 · AI score 5.9 · EPSS 0.00211
Exploits: 0 · References: 3
Positive Technologies
added 2026/01/26 12:00 a.m. · 7 views

PT-2026-4802

Name of the Vulnerable Software and Affected Versions: Shenzhen Tenda W30E V2 versions up to and including V16.01.0.195037. Description: The device features an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The configuration sets...

CVSS 7.8 · AI score 5.4 · EPSS 0.00211
Exploits: 0 · References: 7
Drupal
added 2025/12/03 12:00 a.m. · 11 views

Next.js - Critical - Access bypass - SA-CONTRIB-2025-122

This module enables integration between Next.js and Drupal for headless CMS functionality. When installed, the module automatically enables cross-origin resource sharing (CORS) with insecure default settings (Access-Control-Allow-Origin: *), overriding any services.yml CORS configuration. This allows...

CVSS 6.1 · AI score 5.4 · EPSS 0.00141
Exploits: 0 · References: 3
RedhatCVE
added 2025/03/09 4:41 p.m. · 10 views

CVE-2025-27518

Cognita is a RAG (Retrieval Augmented Generation) framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross-site requests to the application. This vulnerability is fixe...

CVSS 6.9 · AI score 6.5 · EPSS 0.00457
Exploits: 0 · References: 1
CVE
added 2025/03/07 3:36 p.m. · 79 views

CVE-2025-27518

CVE-2025-27518 affects Cognita (the RAG framework) backend server. The issue is an insecure CORS configuration that allows arbitrary websites to send cross-site requests to the Cognita application. Root cause: misconfigured CORS on the backend. Reported impact is that cross-origin requests could ...

CVSS 6.9 · AI score 6.8 · EPSS 0.00457
Exploits: 0 · References: 3
0day.today
added 2025/02/15 12:00 a.m. · 214 views

ABB Cylon FLXeon 9.3.4 app.js Insecure CORS Configuration Vulnerability

ABB Cylon FLXeon version 9.3.4 suffers from an insecure CORS configuration. ABB Cylon FLXeon 9.3.4 app.js Insecure CORS Configuration. Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Serie...

AI score 7.4
Exploits: 0
Packet Storm
added 2025/02/13 12:00 a.m. · 256 views

ABB Cylon FLXeon 9.3.4 app.js Insecure CORS Configuration

ABB Cylon FLXeon version 9.3.4 suffers from an insecure CORS configuration. ABB Cylon FLXeon 9.3.4 app.js Insecure CORS Configuration. Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Serie...

AI score 7.4
Exploits: 0
Zero Science Lab
added 2025/02/13 12:00 a.m. · 299 views

ABB Cylon FLXeon 9.3.4 (app.js) Insecure CORS Configuration

Summary: BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

AI score 5.8
Exploits: 0
OSV
added 2025/02/10 5:48 p.m. · 28 views

GHSA-67MH-4WV8-2F99 esbuild enables any website to send any requests to the development server and read the response

Summary: esbuild allows any websites to send any request to the development server and read the response due to default CORS settings. Details: esbuild sets the Access-Control-Allow-Origin: * header on all requests, including the SSE connection, which allows any websites to send any request to the...

CVSS 5.3 · AI score 6.8
Exploits: 0 · References: 3
OSV
added 2025/01/28 3:01 p.m. · 7 views

GO-2025-3416 Cilium has an information leakage via insecure default Hubble UI CORS header in github.com/cilium/cilium

Cilium has an information leakage via insecure default Hubble UI CORS header in github.com/cilium/cilium...

CVSS 6.5 · AI score 6.4 · EPSS 0.00481
Exploits: 0 · References: 3
OSV
added 2025/01/27 7:09 a.m. · 9 views

BIT-CILIUM-2025-23047 Cilium vulnerable to information leakage via insecure default Hubble UI CORS header

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default Access-Control-Allow-Origin header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4 who...

CVSS 6.5 · AI score 6.2 · EPSS 0.00481
Exploits: 0 · References: 3
Positive Technologies
added 2025/01/22 12:00 a.m. · 4 views

PT-2025-4791 · Cilium +1

Name of the Vulnerable Software and Affected Versions: Cilium versions 1.14.0 through 1.14.7; Cilium versions 1.15.0 through 1.15.11; Cilium versions 1.16.0 through 1.16.4. Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default...

CVSS 8.9 · AI score 6.5 · EPSS 0.0104
Exploits: 2 · References: 92
Github Security Blog
added 2024/02/22 6:25 p.m. · 55 views

Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials

The CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabilities. Specifically, it allows setting the Access-Control-Allow-Origin header to a wildcard "*" while also having Access-Control-Allow-Credentials set to true...

CVSS 9.8 · AI score 9.3 · EPSS 0.0066
Exploits: 1 · References: 10 · Affected software: 1
NVD
added 2022/12/26 6:15 a.m. · 12 views

CVE-2022-26969

In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true...

CVSS 9.8 · EPSS 0.00927
Exploits: 0 · References: 5
NVD
added 2021/03/19 7:15 p.m. · 12 views

CVE-2021-26991

Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager...

CVSS 7.5 · EPSS 0.01197
Exploits: 0 · References: 1
Cvelist
added 2021/03/19 6:34 p.m. · 13 views

CVE-2021-26991

Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager...

AI score 7.7 · EPSS 0.01197
Exploits: 0 · References: 1