CVE-2026-26418

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network...

SUSE CVE-2026-30784

This CVE ID has been withdrawn by its CVE Numbering Authority...

PT-2026-23671

Missing Authorization vulnerability in Rank Math Rank Math SEO PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO PRO: from n/a through 3.0.95...

CVE-2026-28720

Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...

EUVD-2026-9842

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the dashboard and API endpoints. An attacker can access sensitive action metadata, including titles, IDs, icons, and argument details, by sending crafted requests as an authenticated user with restricted view...

CVE-2026-26418

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network...

EUVD-2026-9832

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...

CVE-2026-30797

Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, config import modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...

CVE-2026-30784

Rejected reason: This CVE ID has been withdrawn by its CVE Numbering Authority...

CVE-2026-30784

CVE-2026-30784 entry is rejected/not used and does not represent an active vulnerability.

CVE-2026-30784

This CVE ID has been withdrawn by its CVE Numbering Authority...

CVE-2026-30784

...

CVE-2026-30797 RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server

Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, config import modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...

CVE-2026-30797 RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server

Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, config import modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...

CVE-2026-30797

Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, config import modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...

CVE-2026-1674

The Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization within the savegutenaformsschema function in all versions up to, and including, 1.6.0. This makes...

Missing Authorization

github.com/treeverse/lakefs is vulnerable to Missing Authorization. The vulnerability is due to lack of authentication checks on the /api/v1/usage-report/summary endpoint, which allows an attacker to access aggregate API usage information without authorization...

EUVD-2026-9734

Missing Authorization vulnerability in Frenify Guff guff allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Guff: from n/a through = 1.0.1...

EUVD-2026-9730

Missing Authorization vulnerability in PixFort pixfort Core pixfort-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects pixfort Core: from n/a through = 3.2.22...