Lucene search

9 matches found

RedhatCVE
added 2026/05/27 2:12 a.m., 9 views

CVE-2026-38587

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ONLYOFFICE DocSpace before 3.2.1. The flaw exists in multiple REST API endpoints. This allows authenticated users with low-level permissions (User or Guest) to retrieve sensitive information, such as the Owner's unique...

CVSS 4.3, AI score 5.8, EPSS 0.00008
Exploits: 0, References: 1
Vulnrichment
added 2026/05/08 3:51 a.m., 6 views

CVE-2026-42277 Onyx: IDOR in /chat/file/{file_id} allows any authenticated user to download other users files

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/{file_id} endpoint allows any authenticated user to download any other user's uploaded files by providing the file UUID. The endpoint verifies the caller is authenticated but never checks that the file...

CVSS 6.5, AI score 5.7, EPSS 0.00033
Exploits: 0, References: 1
CVE
added 2026/04/28 11:43 a.m., 8 views

CVE-2026-5780

CVE-2026-5780 concerns an insecure direct object reference (IDOR) in MphRx’s Minerva v3.6.0, specifically the /minerva/moUser/show/ endpoint. An authenticated user can modify the ID to access data of other registered users, enabling listing of users. The CVSS 4.0 base score is 8.5 (HIGH) with NET...

CVSS 8.5, AI score 5.4, EPSS 0.00036
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2026/04/23 9:52 p.m., 3 views

WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References (IDOR) vulnerability discovered by Jakub Herman in WordPress Plugin KiviCare versions <= 4.2.1...

AI score 5.2
Exploits: 0, Affected Software: 1
ATTACKERKB
added 2026/03/10 9:22 p.m., 4 views

CVE-2026-31820

Sylius is an Open Source eCommerce Framework on Symfony. An authenticated Insecure Direct Object Reference (IDOR) vulnerability exists in multiple shop LiveComponents due to unvalidated resource IDs accepted via LiveArg parameters. Unlike props, which are protected by LiveComponent's @checksum, arg...

CVSS 7.1, AI score 5.8, EPSS 0.00021
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2025/10/16 7:59 a.m., 5 views

CVE-2025-41020 Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito

Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This vulnerability allows an attacker to access data belonging to other customers through the 'id' parameter in '/admin/ticketa4.php'...

CVSS 7.1, EPSS 0.00046
Exploits: 0, References: 1
CVE
added 2024/10/14 5:3 p.m., 72 views

CVE-2024-45732

CVE-2024-45732 affects Splunk Enterprise versions prior to 9.3.1 and 9.2.0 prior to 9.2.3, plus Splunk Cloud Platform prior to 9.2.2403.103, including 9.1.2312.200/9.1.2312.110/9.1.2308.208. Description: a low-privileged user without admin or power roles could run a search as the nobody user with...

CVSS 7.1, AI score 6.6, EPSS 0.00217
Exploits: 0, References: 2, Affected Software: 2
Cvelist
added 2022/08/25 11:28 p.m., 14 views

CVE-2021-32570

In Ericsson Network Manager (ENM) releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in the ENM system and all must be previously defined and authorized by the Security...

AI score 5.2, EPSS 0.00204
Exploits: 0, References: 2
OSV
added 2020/04/30 1:15 p.m., 10 views

CVE-2020-9387

In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account details are shared in the Elasticsearch results for accounts that are not accessible when the config setting 'Isolated institutions' is turned on...

CVSS 4.3, AI score 6.9
Exploits: 0, References: 2