2928 matches found
CVE-2026-5632
A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...
CVE-2026-5632 assafelovic gpt-researcher HTTP REST API Endpoint missing authentication
A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...
CVE-2026-5632 assafelovic gpt-researcher HTTP REST API Endpoint missing authentication
A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...
CVE-2026-5632
CVE-2026-5632 concerns assafelovic gpt-researcher (versions up to 3.4.3) where the HTTP REST API Endpoint has a missing authentication issue in a manipulated request. The vulnerability is remote, with PROOF-OF-CONCEPT exploitation and a CVSS base score in the MEDIUM-HIGH range across CVSS version...
CVE-2026-5616
A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...
CVE-2026-5616
A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...
CVE-2026-5616
JeecgBoot 3.9.0/3.9.1 contains a vulnerability in the AI Chat Module, specifically an unknown function within JeecgBizToolsProvider.java under jeecg-system-biz. This manipulation results in missing authentication and can be triggered remotely. A patch is identified by the hash b7c9aeba7aefda9e008...
EUVD-2026-19128
Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse.This issue affects Handheld Scanners: from C1 BaseIngenic x1000 before GK000432BAA, from D1 BaseIngenic x1600 before HE000085BAA, from A1/B1 BaseIMX25 before...
PT-2026-30571
A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...
PT-2026-30560
A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...
CVE-2026-4272
Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse.This issue affects Handheld Scanners: from C1 BaseIngenic x1000 before GK000432BAA, from D1 BaseIngenic x1600 before HE000085BAA, from A1/B1 BaseIMX25 before...
CVE-2026-4272
CVE-2026-4272 concerns a Missing Authentication for Critical Function in Honeywell Handheld Scanners. Affected are certain Handheld Scanner bases (C1, D1, A1/B1) with specific firmware/builds; vulnerable component Scope includes Ingenic x1000/x1600/IMX25 bases before listed GK/HE/BK firmware IDs....
Missing Authentication for Critical Function
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the check.ffmpeg.json.php endpoint, which lacks access control checks. An attacker can obtain information about th...
CVE-2026-32211
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network...
CVE-2026-34952
CVE-2026-34952 affects PraisonAI (Gateway) prior to version 4.5.97, where the WebSocket gateway at /ws and the topology endpoint at /info accept unauthenticated connections. This allows any network client to enumerate registered agents and send arbitrary messages to agents and their tool sets, en...
Missing Authentication for Critical Function
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the PUT /signalk/v1/api/sourcePriorities endpoint, which lacks authentication and directly assigns user input to...
CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
CVE-2026-28766
CVE-2026-28766 refers to Gardyn Cloud API missing authentication for a critical function. The initial description and related documents confirm that a specific endpoint exposes all user account information for registered Gardyn users without requiring authentication, enabling potential confidenti...
CVE-2026-28767 Gardyn Cloud API Missing Authentication for Critical Function
A specific administrative endpoint notifications is accessible without proper authentication...