62618 matches found
CVE-2026-56765 Vikunja - Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR
Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes share hashes to users with read access, enabling permission escalation to admin-level shares. The GetTaskAttachment endpoint performs permission checks against user-supplied task IDs but fetches...
CVE-2026-56312 Capgo - Account Creation Before CAPTCHA Validation in accept_invitation Endpoint
Capgo before 12.128.2 contains an improper validation vulnerability in the acceptinvitation endpoint that creates user accounts before captcha validation is enforced. Attackers can bypass captcha protection by sending POST requests with invalid captcha tokens to create unwanted accounts and burn...
CVE-2026-9857
creationtimestamp| type| source ---|---|--- 2026-07-10 12:42:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqc6czb7p427 2026-07-10 21:23:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd3h22ks422 2026-07-10 21:23:34+00:00| seen|...
CVE-2026-14461
creationtimestamp| type| source ---|---|--- 2026-07-10 12:27:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqc5i5xosi2x 2026-07-10 14:21:24+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcdud4c3b26 2026-07-10 16:15:07+00:00| seen|...
CVE-2026-12955
creationtimestamp| type| source ---|---|--- 2026-07-10 12:13:09+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqc4oz4s4a2i 2026-07-10 21:13:54+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd2vwd6tv2s...
CVE-2026-14475
creationtimestamp| type| source ---|---|--- 2026-07-10 12:10:49+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqc4ksozb32a 2026-07-10 16:50:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcm7br7362s 2026-07-10 21:14:19+00:00| seen|...
CVE-2026-12400
creationtimestamp| type| source ---|---|--- 2026-07-10 11:47:20+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqc3asfthd2a 2026-07-10 21:16:44+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd32za45n2e...
CVE-2026-39822
A flaw was found in the os.Root functionality of Go on Unix systems. This vulnerability allows an attacker to bypass intended directory restrictions by crafting a path that ends with a symbolic link and a trailing slash. When a file is opened in os.Root with such a path, the symbolic link is...
CVE-2026-40452
creationtimestamp| type| source ---|---|--- 2026-07-10 11:19:11+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbzoiuofj2d 2026-07-10 12:15:45+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40452 2026-07-10 21:18:16+00:00| seen|...
CVE-2026-40454
creationtimestamp| type| source ---|---|--- 2026-07-10 11:11:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbz7ub5sf2f 2026-07-10 12:15:35+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40454 2026-07-10 13:34:44+00:00| seen|...
CVE-2026-40008
creationtimestamp| type| source ---|---|--- 2026-07-10 11:04:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbyv3qycz22 2026-07-10 12:15:32+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40008 2026-07-10 13:21:41+00:00| seen|...
CVE-2026-58374
A flaw was found in hostapd. An unauthenticated attacker within wireless range can send a specially crafted management frame during Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing. This crafted frame, containing a malformed Multi-Link Element or Per-STA Profile...
CVE-2026-15332
creationtimestamp| type| source ---|---|--- 2026-07-10 09:34:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbttvnaer2a 2026-07-10 22:01:36+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd5l7hit62w...
CVE-2026-21056
creationtimestamp| type| source ---|---|--- 2026-07-10 08:57:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbrqjt2ru2k 2026-07-10 18:40:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcsec46kj2x...
CVE-2026-13753
creationtimestamp| type| source ---|---|--- 2026-07-10 08:55:21+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mqbrnbuigj2r...
CVE-2026-12123
creationtimestamp| type| source ---|---|--- 2026-07-10 08:37:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbqmq6k2v2x 2026-07-10 10:40:02+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbxihz5rj2d...
CVE-2026-21042
creationtimestamp| type| source ---|---|--- 2026-07-10 08:24:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbpvdzvbg2x 2026-07-10 09:54:04+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbuwcgv452d 2026-07-10 12:45:50+00:00| seen|...
CVE-2026-21053
creationtimestamp| type| source ---|---|--- 2026-07-10 08:20:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbppenf3t2x 2026-07-10 09:55:57+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbuznayhf2y 2026-07-10 16:47:32+00:00| seen|...
CVE-2026-21051
creationtimestamp| type| source ---|---|--- 2026-07-10 08:06:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbouzxitv24 2026-07-10 09:54:54+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mqbuxrszlf25 2026-07-10 09:54:54+00:00| seen|...
CVE-2026-21046
creationtimestamp| type| source ---|---|--- 2026-07-10 08:02:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbooizzdg2k 2026-07-10 09:55:15+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbuyfovei27 2026-07-10 12:46:50+00:00| seen|...