Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Snyk
Snykadded 2026/06/01 6:24 p.m.3 views

Missing Origin Validation in WebSockets

Overview kanban is an A kanban foundation for coding agents Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets due to the lack of enforcement of origin and host policy. An attacker can gain unauthorized access to sensitive data and perform actions on behal...

9.6CVSS5.5AI score0.00154EPSS
Exploits1References2
OSV
OSVadded 2025/07/29 6:15 p.m.1 views

UBUNTU-CVE-2025-27514

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...

5.4CVSS5.8AI score0.00183EPSS
Exploits0References4
BDU FSTEC
BDU FSTECadded 2023/11/15 12:0 a.m.3 views

The vulnerability of the Kanban function in the GLPI system for scheduling, incident management, and inventory tracking allows a malicious individual to gain unauthorized access to any user’s account.

The vulnerability of the Kanban function in systems for requests, incidents, and inventory management of computer equipment in GLPI is related to insecure privilege management. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to the account of any user...

10CVSS7.5AI score0.31174EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder