Lucene search
K

141 matches found

CVE
CVE
added 4 days ago8 views

CVE-2026-55478

Snipe-IT (IT asset/license management) has a vulnerability in the Kits API. Before version 8.6.2, POST /api/v1/kits/{kit_id}/licenses validates the caller’s ability to edit kits but does not authorize access to the referenced license object. This allows a low-privilege user with predefined-kit pe...

5.4CVSS6.1AI score0.00175EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-55478 Snipe-IT: Missing object-level authorization in Kits API

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/kitid/licenses checks whether the caller can edit kits but does not authorize access to the referenced license object, allowing a low-privilege user with predefined-kit permissions to bind a license they should n...

5.3CVSS0.00175EPSS
Exploits0References3
CVE
CVE
added 6 days ago13 views

CVE-2026-56246

Capgo prior to 12.128.2 contains a broken access control in the organization management API. A scoped API key (limited_to_orgs) inherits its owner-user’s permissions, enabling cross‑organization destructive actions (e.g., DELETE /organization, DELETE /organization/members) when an admin belongs t...

8.1CVSS6AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42249

Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key limitedtoorgs inherits its owner-user's permissions, allowing destructive cross-organization actions. When a user is an admin in two organizations and creates a write-mod...

8.1CVSS6AI score0.00223EPSS
Exploits0References2
OSV
OSV
added last week6 views

CVE-2026-54698 Hasura: Row-level authorization bypass on table computed fields

Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...

6CVSS5.9AI score0.0017EPSS
Exploits0References3
CVE
CVE
added last week14 views

CVE-2026-54698

Hasura CVE-2026-54698 describes a row-level authorization bypass on table computed fields. Before versions 2.49.2 and 2.45.5, a user could use a where clause on a table computed field (returning SETOF some_table) to infer rows that should be filtered for their role according to some_table’s row-l...

6CVSS5.9AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:43 p.m.7 views

CVE-2026-59100

LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and...

5CVSS5.9AI score0.0018EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/02 7:43 p.m.37 views

CVE-2026-59100 LobeChat 2.2.9 - Broken Object Level Authorization via Chat-Group Agent Operations

LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and...

5CVSS0.0018EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/02 7:43 p.m.8 views

EUVD-2026-41431

LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and...

5CVSS5.9AI score0.0018EPSS
Exploits0References4
CVE
CVE
added 2026/07/02 7:39 p.m.17 views

CVE-2026-58580

LobeChat up to version 2.2.9 is affected by broken object-level authorization in MessageModel. An authenticated user who knows another user’s non-enumerable message identifier can overwrite that victim’s plugin tool‑call metadata, plugin state/error, and TTS/translation records via tRPC message p...

6CVSS5.8AI score0.00154EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40427

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS5.8AI score0.00322EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-56230

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS0.00322EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54023

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An issue exists in the middlewareKey function where the system accepts the client-controlled x-limited-key-id header without validating ownership. This allows authenticated users to adopt limited ke...

8.8CVSS5.8AI score0.00322EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53996

Name of the Vulnerable Software and Affected Versions Invidious versions prior to 2.20260626.0 Description An issue exists where authenticated attackers can delete videos from playlists belonging to other users. This occurs because the system fails to validate ownership when a request is made to...

7.1CVSS6AI score0.00225EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/29 5:17 p.m.10 views

EUVD-2026-40161

LibrePhotos before 1.0.0 contains a broken object level authorization vulnerability in the SetPhotosShared endpoint that allows authenticated users to grant themselves access to other users' private photos by bypassing ownership validation. Attackers can manipulate sharedto relations without prop...

6CVSS5.9AI score0.0021EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 11:53 a.m.9 views

EUVD-2026-38738

Capgo before 12.128.2 contains a broken object level authorization BOLA vulnerability in the POST /build/start/:jobId and POST /build/cancel/:jobId endpoints. The handlers authorize the request based only on the attacker-controlled appid supplied in the request body and never verify that the jobI...

7.6CVSS6.1AI score0.00176EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 6:18 p.m.18 views

CVE-2026-54016

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no...

4.3CVSS0.00226EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-38568

HireFlow v1.2 is vulnerable to Incorrect Access Control. The application does not enforce object-level authorization on the /candidate/ and /interview/ endpoints. The route handlers retrieve records by the user-supplied ID without verifying that the requesting user is the owner or has an authoriz...

8.1CVSS5.5AI score0.00231EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.12 views

CVE-2026-38532

A Broken Object-Level Authorization BOLA in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request...

8.1CVSS5.5AI score0.00351EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.10 views

CVE-2026-38530

A Broken Object-Level Authorization BOLA in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any lead owned by other users via supplying a crafted GET request...

8.1CVSS5.5AI score0.00351EPSS
Exploits2References1
Rows per page
Query Builder