2911 matches found
CVE-2026-3053
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component OpenAPI Endpoint. Executing a manipulation can lead to missing authentication. It is possible to laun...
CVE-2026-3053 DataLinkDC dinky OpenAPI Endpoint AppConfig.java addInterceptors missing authentication
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component OpenAPI Endpoint. Executing a manipulation can lead to missing authentication. It is possible to laun...
EUVD-2026-7432
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component OpenAPI Endpoint. Executing a manipulation can lead to missing authentication. It is possible to laun...
CVE-2026-3053
DataLinkDC dinky OpenAPI Endpoint vulnerability (CVE-2026-3053) affects dinky up to version 1.2.5, via the addInterceptors function in dinky-admin/src/main/java/org/dinky/configure/AppConfig.java. The flaw enables remote authentication bypass due to manipulation of the OpenAPI Endpoint component....
actual 访问控制错误漏洞
Actual is a personal finance tool developed by Actual OpenSource. Versions of Actual prior to 26.2.1 contained an access control vulnerability. This vulnerability stemmed from the lack of an authentication middleware in the ActualBudget server component, which could allow unverified users to acce...
Dinky 访问控制错误漏洞
Dinky is an open-source real-time computing platform developed by DataLinkDC. Versions of Dinky 1.2.5 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from a missing authentication check in the addInterceptors function of the OpenAPI endpoint...
CVE-2025-30410
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 39870, Acronis Cyber Protect 16 Linux, macOS, Windows before build 39938, Acronis Cyber Protect 15 Linux, macOS,...
CVE-2026-24790
Technical details about CVE-2026-24790 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...
CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...
CVE-2026-26048 Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function
The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and disassociation frames to be broadcast without authentication or encryption. An attacker can use this to cause unauthorized disruptions and create a...
CVE-2026-26048 Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function
The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and disassociation frames to be broadcast without authentication or encryption. An attacker can use this to cause unauthorized disruptions and create a...
CVE-2025-30410
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 39870, Acronis Cyber Protect 16 Linux, macOS, Windows before build 39938, Acronis Cyber Protect 15 Linux, macOS,...
CVE-2025-30410
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 39870, Acronis Cyber Protect 16 Linux, macOS, Windows before build 39938, Acronis Cyber Protect 15 Linux, macOS,...
CVE-2025-30410
CVE-2025-30410 involves sensitive data disclosure and data manipulation due to missing authentication. Affected products and minimum failing builds are: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before 39870; Acronis Cyber Protect 16 (Linux, macOS, Windows) before 39938; Acronis C...
CVE-2025-30410
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 39870, Acronis Cyber Protect 16 Linux, macOS, Windows before build 39938, Acronis Cyber Protect 15 Linux, macOS,...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the POST /api/v2/dag-runs endpoint, which accepts and executes inline YAML specifications without authentication in the default configuration. An attacker can execute arbitrary commands o...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the POST /api/v2/dag-runs endpoint, which accepts and executes inline YAML specifications without authentication in the default configuration. An attacker can execute arbitrary commands o...
CVE-2025-8350
Technical details about CVE-2025-8350 are not publicly available in the supplied documents; no concrete exploit, patch, or vendor details are provided here. Monitor for updates.
CVE-2026-2284
The News Element Elementor Blog Magazine plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.8. This is due to a missing capability check and nonce verification on the 'necleandata' AJAX action. This makes it possible for authenticated attackers,...