CVE-2026-6577

The CVE-2026-6577 entry identifies a vulnerability in liangliangyy DjangoBlog up to 2.1.0.0 affecting an unknown function in the file owntracks/views.py of the logtracks Endpoint. The manipulation results in missing authentication, with remote exploitation and a publicly available exploit. Docume...

CVE-2026-6577 liangliangyy DjangoBlog logtracks Endpoint views.py missing authentication

A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulation leads to missing authentication. The attack can be initiated remotely. The exploit is publicly...

Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui

CVE-2026-33032 / MCPwn !CVEhttps://img.shields.io/badge/C...

CVE-2026-40461

CVE-2026-40461 affects Anviz CX2 Lite and CX7. The flaw allows unauthenticated POST requests to modify debug settings (e.g., enabling SSH), causing unauthorized state changes that can facilitate later compromise. According to the provided documents, affected components are the devices’ debug/admi...

CVE-2026-40461 Anviz Products Missing Authentication for Critical Function

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings e.g., enabling SSH, allowing unauthorized state changes that can facilitate later compromise...

CVE-2026-40461 Anviz Products Missing Authentication for Critical Function

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings e.g., enabling SSH, allowing unauthorized state changes that can facilitate later compromise...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in several API endpoints that lack proper authentication checks. An attacker can access sensitive data, perform state-changing operations, and obtain internal configuration details by sending...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in several API endpoints that lack proper authentication checks. An attacker can access sensitive data, perform state-changing operations, and obtain internal configuration details by sending...

Missing Authentication for Critical Function

Overview @paperclipai/ui is a Prebuilt Paperclip board UI assets. Affected versions of this package are vulnerable to Missing Authentication for Critical Function in several API endpoints that lack proper authentication checks. An attacker can access sensitive data, perform state-changing...

Missing Authentication for Critical Function

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the public-chatbotConfig and oauth2-credential/refresh endpoints. An attacker can obtain OAuth 2.0 access tokens for third-party services by retrieving...

CVE-2026-33032: Nginx UI Missing MCP Authentication

Overview On March 30, 2026, a security advisory was published for a critical vulnerability affecting Nginx UI. Nginx UI is an open-source web interface to centralize the management of Nginx configurations and SSL certificates. The critical vulnerability, CVE-2026-33032, was reported in early Marc...

EUVD-2026-23163

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed...

CVE-2026-6348

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed...

CVE-2026-6348 Simopro Technology｜WinMatrix - Missing Authentication

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed...

CVE-2026-6348

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed...

CVE-2026-6348

WinMatrix agent by Simopro Technology is affected by a Missing Authentication vulnerability. The CVE-2026-6348 issue allows authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine and on all hosts in the environment where the agent is installed. Credent...

CVE-2026-6348 Simopro Technology｜WinMatrix - Missing Authentication

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed...

PT-2026-33248

Name of the Vulnerable Software and Affected Versions WinMatrix agent affected versions not specified Description A missing authentication flaw allows authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine. This issue can lead to privilege escalation...

CVE-2026-26159

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally...

CVE-2026-26160

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally...