Lucene search
K

2155 matches found

NVD
NVD
added 2026/05/28 4:16 p.m.17 views

CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS0.00222EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/28 4:16 p.m.11 views

PYSEC-0000-CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/28 4:16 p.m.18 views

PYSEC-2026-177

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

DEBIAN-CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 4:16 p.m.10 views

UBUNTU-CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:45 p.m.9 views

CVE-2026-8697

Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface. This enables an attacker to brute-force valid credentials via SSH. Successful...

8.7CVSS5.8AI score0.0051EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 3:45 p.m.31 views

CVE-2026-8697

CVE-2026-8697 affects TP-Link Archer C64 v1, where the debug SSH service imposes no authentication rate-limiting. This allows an attacker with adjacent network access to brute-force administrative credentials via SSH and gain full admin control, with impact to confidentiality, integrity, and avai...

8.8CVSS5.8AI score0.0051EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:7 p.m.9 views

CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 3:7 p.m.9 views

CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 1:26 a.m.36 views

CVE-2026-7493 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.11.5 - Unauthenticated Denial of Service

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to denial of service in all versions up to, and including, 1.6.11.5. This is due to a publicly accessible REST API endpoint /wp-json/ssa/v1/async that calls PHP's sleep function on a...

5.3CVSS0.0035EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 12:4 a.m.10 views

GHSA-W5R6-MCGQ-7PQ4 Yamcs has No Rate Limiting on Authentication Endpoint

Summary The authentication endpoint POST /auth/token in yamcs-core lacks any form of rate limiting, account lockout, or failed attempt throttling. As a result, an unauthenticated remote attacker can perform unlimited password guessing attempts against any user account. This missing rate limiting...

6.5CVSS5.8AI score0.00052EPSS
Exploits2References2
Snyk
Snyk
added 2026/05/27 12:4 a.m.7 views

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force through the handleToken process. An attacker can gain unauthorized access to user accounts by performing unlimited authentication attempts without restriction. PoC 20 attempts — zero rate limiting for i in $seq 1 20; do curl...

8.2CVSS5.5AI score0.00052EPSS
Exploits2References2
Github Security Blog
Github Security Blog
added 2026/05/27 12:4 a.m.20 views

Yamcs has No Rate Limiting on Authentication Endpoint

Summary The authentication endpoint POST /auth/token in yamcs-core lacks any form of rate limiting, account lockout, or failed attempt throttling. As a result, an unauthenticated remote attacker can perform unlimited password guessing attempts against any user account. This missing rate limiting...

5.8AI score0.00052EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43456

Name of the Vulnerable Software and Affected Versions YAMCS affected versions not specified Description The authentication endpoint "POST /auth/token" in yamcs-core lacks rate limiting, account lockout, and failed attempt throttling. This allows an unauthenticated remote attacker to perform...

6.5CVSS5.8AI score0.00052EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2026/05/26 5:0 a.m.11 views

CVE-2026-9495

Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...

7.3CVSS5.9AI score0.0036EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:0 a.m.8 views

CVE-2026-9495

Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...

7.3CVSS5.9AI score0.0036EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/26 5:0 a.m.42 views

CVE-2026-9495

Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...

7.3CVSS0.0036EPSS
Exploits0References4
CVE
CVE
added 2026/05/26 5:0 a.m.38 views

CVE-2026-9495

CVE-2026-9495 affects the npm package @koa/router, specifically versions 14.0.0 and earlier than 15.0.0. The issue is an Access Control Bypass caused by middleware being silently dropped from the execution chain when the router prefix contains path parameters. This can enable bypass of authentica...

7.3CVSS5.9AI score0.0036EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.21 views

PT-2026-43190

Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...

7.3CVSS5.9AI score0.0036EPSS
Exploits0References4
OSV
OSV
added 2026/05/20 3:46 p.m.7 views

GHSA-W9XH-5F39-VQ89 phpMyFAQ: Missing Password Reset Token Allows Account Takeover via Username/Email Enumeration

Summary An authentication bypass vulnerability in phpMyFAQ allows any unauthenticated attacker to reset the password of any user account, including SuperAdmin accounts. By sending a PUT request with just a valid username and associated email address to /api/user/password/update, an attacker...

8.2CVSS5.8AI score0.00324EPSS
Exploits0References2
Rows per page
Query Builder