2931 matches found
CVE-2026-8737 Sanluan PublicCMS Trade Address Query TradeAddressListDirective.java execute missing authentication
A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java of the component Trade Address Query Handler. Executing a manipulation of the argume...
Missing Authentication For Critical Function
Sliver is vulnerable to Missing Authentication For Critical Function. The vulnerability is due to the DNS C2 listener allocating server-side sessions without validating TOTP values and lacking session cleanup, which allows an attacker to create excessive sessions and exhaust server memory...
@samanhappy/mcphub: SSE Endpoint Accepts Arbitrary Username from URL Path Without Authentication, Enabling User Impersonation
Summary A critical identity spoofing vulnerability in MCPHub allows any unauthenticated user to impersonate any other user — including administrators — on SSE Server-Sent Events and MCP transport endpoints. The server accepts a username from the URL path parameter and creates an internal user...
Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure
Vulnerability Type: Information Disclosure / Missing Authentication Severity: Medium Component: backend/openwebui/routers/retrieval.py — getstatus GET / Affected Endpoint: GET /api/v1/retrieval/ Affected Version: Open WebUI main branch — confirmed unpatched through v0.9.2 Authentication Required:...
GHSA-65PG-QHHW-MXWG Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure
Vulnerability Type: Information Disclosure / Missing Authentication Severity: Medium Component: backend/openwebui/routers/retrieval.py — getstatus GET / Affected Endpoint: GET /api/v1/retrieval/ Affected Version: Open WebUI main branch — confirmed unpatched through v0.9.2 Authentication Required:...
Missing Authentication for Critical Function
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the getstatus function. An attacker can access sensitive configuration details by sending an unauthenticated HTTP GET request to the affected endpoint...
CVE-2026-42572
Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...
CVE-2026-45371 SiYuan: SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST...
Missing Authentication
github.com/dgraph-io/dgraph is vulnerable to Missing Authentication. The vulnerability is due to the restoreTenant admin mutation missing authorization middleware validation, which allows an unauthenticated attacker to overwrite the database, access server-side files via file:// paths, and perfor...
FlowiseAI: Vector Store No Permission Checks
FINDING 4: OpenAI Assistants Vector Store - No Auth on CRUD Operations Severity: HIGH CVSS 8.1 Type: CWE-306 Missing Authentication for Critical Function File: packages/server/src/routes/openai-assistants-vector-store/index.ts Description: ALL CRUD endpoints for OpenAI Assistants Vector Store hav...
CVE-2025-62619
Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...
CVE-2025-62619
CVE-2025-62619 concerns missing authentication in the KVM key download endpoint, enabling an unauthenticated attacker who knows the exposed URL to retrieve sensitive keys and potentially compromise confidentiality. The issue is identified in AMD’s Device Management Portal context (AMD-SB-9023), w...
CVE-2025-62619
Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...
EUVD-2025-209845
Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...
CVE-2025-62619
Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...
PT-2026-41204
Name of the Vulnerable Software and Affected Versions electerm versions prior to 3.9.5 Description Insecure sync encryption occurs due to the use of deterministic AES-192-CBC with a fixed zero IV Initialization Vector, a constant KDF Key Derivation Function salt, and the absence of a MAC Message...
PT-2026-41209
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description All CRUD endpoints for the OpenAI Assistants Vector Store lack authentication middleware and permission checks. Specifically, the route path "/api/v1/openai-assistants-vector-store" is not included i...
PT-2026-41192
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description An information disclosure issue exists where the 'GET /api/v1/retrieval/' endpoint returns live RAG Retrieval-Augmented Generation pipeline configuration to any unauthenticated HTTP client. No...
PT-2026-40938
Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the POST /api/v1/index/stream endpoint. An attacker can access and manipulate backend Solr index data by sending arbitrary streaming expressions without authentication. This allows readin...