Lucene search
K

4 matches found

NVD
NVD
added yesterday4 views

CVE-2026-55479

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the legacy single-seat license checkin flow authorizes the action with the checkout permission instead of the checkin permission, allowing a user who can assign licenses but not unassign them to directly access the old checkin...

5.3CVSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-42998

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the legacy single-seat license checkin flow authorizes the action with the checkout permission instead of the checkin permission, allowing a user who can assign licenses but not unassign them to directly access the old checkin...

5.3CVSS6.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/11 7:24 p.m.14 views

Shopware vulnerable to a potential take over of app credentials

Summary We identified and fixed a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. By abusing app re‑registration, an attacker could redirect app traffic to an...

8.9CVSS5.8AI score0.00267EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2026/03/11 6:56 p.m.31 views

CVE-2026-31889 Shopware has a potential take over of app credentials

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

8.9CVSS0.00267EPSS
Exploits0References1
Rows per page
Query Builder