21312 matches found
CVE-2024-47268
Missing authorization vulnerability in AddOns functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors...
CVE-2026-6209
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
WordPress Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure vulnerability
Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by Anirudh Makkar in WordPress Plugin Essential Addons for Elementor versions = 6.6.4...
CVE-2026-6209
...
CVE-2026-6209
CVE-2026-6209 is rejected/not used; this ID does not represent an active vulnerability entry.
EUVD-2026-34841
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
WordPress RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure vulnerability
Missing Authorization to Authenticated Contributor+ Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Feedzy versions = 5.1.7...
WordPress Alba Board plugin <= 2.1.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure vulnerability
Missing Authorization to Authenticated Subscriber+ Sensitive Information Disclosure vulnerability discovered by Teerachai Somprasong in WordPress Plugin Alba Board versions = 2.1.3...
PT-2026-46967
Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Geographic Tracking System: before v0.0.2...
📄 Craft CMS 5.9.5 Missing Authorization / Denial of Service
Craft CMS versions 5.9.5 and below suffer from a missing authorization vulnerability that can trigger an unwanted migration. CVE-2026-31266 - Craft CMS Missing Authorization CVE Information | Field | Value | |-------|-------| | CVE ID | CVE-2026-31266 | | Vendor | Pixel & Tonic | | Product | Craf...
CVE-2026-5228
Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...
CVE-2026-10815
A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknown processing of the file hostel/index.php of the component Admin Dashboard Page. The manipulation of the argument ID results in missing authorization...
Nuclio: Missing authorization on project write paths allows any authenticated user to modify or delete any project
This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user without membership in the target project to bypass OPA authorization checks on write paths PUT /api/projects/id, DELETE /api/projects and modify or delete any project along with all its...
GHSA-M8XG-8XG9-MXHM Nuclio: Missing authorization on project write paths allows any authenticated user to modify or delete any project
This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user without membership in the target project to bypass OPA authorization checks on write paths PUT /api/projects/id, DELETE /api/projects and modify or delete any project along with all its...
EUVD-2026-34283
Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...
CVE-2026-5228 Improper Access Control in Kurt Software Studio's WriteUp Mobile App
Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...
CVE-2026-5228
Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...
WordPress SP Project & Document Manager plugin <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability
Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability discovered by Namdn - Vncsglobal in WordPress Plugin SP Project & Document Manager versions = 4.71...
CVE-2026-49190 Missing Per-Instruction Authorization Checks
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
CVE-2026-49190
Technical details (affected products, vulnerable component, root cause, exploit information) are not provided in the initial document or connected sources. Monitor for updates from official advisories.