
6 matches found

OSV
added 2026/04/13 5:42 a.m., 3 views

BIT-KIBANA-2026-33461 Incorrect Authorization in Kibana Fleet Leading to Information Disclosure

Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...

CVSS 7.7, AI score 5.8, EPSS 0.00053
Exploits: 0, References: 2
Positive Technologies
added 2026/04/13 12:0 a.m., 0 views

PT-2026-32408

Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...

CVSS 7.7, AI score 5.8, EPSS 0.00053
Exploits: 0, References: 3
EUVD
added 2026/04/08 6:34 p.m., 1 views

EUVD-2026-20525

Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...

CVSS 7.7, AI score 5.9, EPSS 0.00053
Exploits: 0, References: 2
Cvelist
added 2026/04/08 4:41 p.m., 20 views

CVE-2026-33461 Incorrect Authorization in Kibana Fleet Leading to Information Disclosure

Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...

CVSS 7.7, EPSS 0.00053
Exploits: 0, References: 1
CNNVD
added 2025/12/12 12:0 a.m., 2 views

AzuraCast security vulnerability

AzuraCast is a simple self-hosted webcast management suite from AzuraCast, Inc. A security vulnerability exists in AzuraCast version 0.23.1, which stems from the incorrect inclusion of an API endpoint for internal use only, which could lead to tampering with database contents...

CVSS 3.7, AI score 6.4, EPSS 0.00047
Exploits: 1, References: 2
Vulnrichment
added 2023/03/31 10:8 p.m., 8 views

CVE-2023-28645 Secure view can be bypassed by using internal API endpoint in Nextcloud richdocuments

Nextcloud richdocuments is a Nextcloud app integrating the office suite Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app...

CVSS 5.7, AI score 6.4, EPSS 0.00203
Exploits: 0, References: 3