
14 matches found

EUVD
added 2 days ago · 6 views

EUVD-2026-33880

MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...

CVSS 6.5 · AI score 6.6 · EPSS 0.00025
Exploits 1 · References 1

Cvelist
added 2 days ago · 36 views

CVE-2026-3198 Improper Access Control in mlflow/mlflow

MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...

CVSS 6.5 · EPSS 0.00025
Exploits 1 · References 1

ATTACKERKB
added 2 days ago · 2 views

CVE-2026-3198

MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...

CVSS 6.5 · AI score 6.6 · EPSS 0.00025
Exploits 1 · References 2

CVE
added 2026/05/15 6:24 p.m. · 6 views

CVE-2026-44719

Mathesar (Web app for PostgreSQL) fixed a privilege check vulnerability in versions 0.2.0–0.09.x. Endpoints such as collaborators.list, tables.metadata.list, explorations.list, and forms.list accepted a database_id without verifying that the requester was a collaborator, allowing an authenticated...

CVSS 5.3 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 1

OSV
added 2026/04/09 8:28 p.m. · 2 views

GHSA-9GJV-JVM7-VV2V Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users

Summary Users with the Guest role could receive private sub-object data e.g. private alternate names, private addresses, private note/citation/media handles through list API endpoints such as GET /api/people/, GET /api/places/, GET /api/events/, and all other object list endpoints. This does not...

CVSS 6.9 · AI score 5.8
Exploits 0 · References 3

Github Security Blog
added 2026/04/09 8:28 p.m. · 4 views

Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users

Summary Users with the Guest role could receive private sub-object data e.g. private alternate names, private addresses, private note/citation/media handles through list API endpoints such as GET /api/people/, GET /api/places/, GET /api/events/, and all other object list endpoints. This does not...

AI score 5.9
Exploits 0 · References 3 · Affected Software 1

Snyk
added 2026/04/09 8:28 p.m. · 2 views

Information Exposure

Overview gramps-webapi is a RESTful web API for the Gramps genealogical database. Affected versions of this package are vulnerable to Information Exposure in the iter process. An attacker can access private sub-object data attached to otherwise-public objects by querying list API endpoints as ...

CVSS 6.9 · AI score 5.8
Exploits 0 · References 2

OSV
added 2026/03/26 6:06 p.m. · 1 views

GHSA-J724-5C6C-68G5 AVideo: Unauthenticated Access to Scheduler Plugin Endpoints Leaks Scheduled Tasks, Email Content, and User Mappings

Summary Three list.json.php endpoints in the Scheduler plugin lack any authentication check, while every other endpoint in the same plugin directories (add.json.php, delete.json.php, index.php) requires User::isAdmin. An unauthenticated attacker can retrieve all scheduled tasks including internal...

CVSS 5.3 · AI score 6.2 · EPSS 0.0004
Exploits 1 · References 4

CNNVD
added 2026/02/24 12:00 a.m. · 3 views

Pimcore SQL Injection Vulnerability

Pimcore is an open-source web content management platform developed by the Austrian company Pimcore. This platform integrates applications for web content management, e-commerce frameworks, and product information management. Versions of Pimcore prior to 11.5.14.1 and 12.3.2, as well as earlier...

CVSS 6.9 · AI score 5.9 · EPSS 0.00013
Exploits 1 · References 4

Positive Technologies
added 2024/12/09 12:00 a.m. · 1 views

PT-2024-17536 · Unknown · Unifiedtransform

Name of the Vulnerable Software and Affected Versions: Unifiedtransform versions 2.0 and earlier Description: The issue involves multiple access control vulnerabilities that allow unauthorized access to personal information of students and teachers. These vulnerabilities include function-level...

CVSS 4.3 · AI score 7.2 · EPSS 0.00169
Exploits 0 · References 6

OSV
added 2023/11/02 10:04 p.m. · 33 views

GO-2023-2162 SQL Injection in List Endpoints in github.com/flyteorg/flyteadmin

A malicious user can send a REST request to a List endpoint with filters that contain custom SQL statements. This can result in SQL injection...

CVSS 8.8 · AI score 6.4 · EPSS 0.00327
Exploits 0 · References 1

Prion
added 2023/10/30 7:15 p.m. · 10 views

Design/Logic Flaw

FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. Prior to version 1.1.124, list endpoints on FlyteAdmin have a SQL vulnerability where a malicious user can send a REST request with custom SQL statements as list filters. The attacke...

CVSS 6.5 · AI score 8.8 · EPSS 0.00327
Exploits 0 · References 3 · Affected Software 1

Github Security Blog
added 2023/10/27 5:39 p.m. · 32 views

Flyte Admin SQL Injection in List Filters

Impact List endpoints on Flyte Admin have a SQL vulnerability where a malicious user can send a REST request with custom SQL statements as list filters. Workarounds The attacker needs to have access to the flyteadmin installation, typically either behind a VPN or authentication. References...

CVSS 8.8 · AI score 7.4 · EPSS 0.00327
Exploits 0 · References 5 · Affected Software 1

Positive Technologies
added 2023/10/27 12:00 a.m. · 1 views

PT-2023-28148 · Unknown · Flyteadmin

Name of the Vulnerable Software and Affected Versions: FlyteAdmin versions prior to 1.1.124 Description: The issue concerns a SQL vulnerability in list endpoints on FlyteAdmin, where a malicious user can send a REST request with custom SQL statements as list filters. This requires the attacker to...

CVSS 8.8 · AI score 8.6 · EPSS 0.00327
Exploits 0 · References 11