590 matches found
BIT-MLFLOW-2026-2734 Authorization Bypass in SearchModelVersions in mlflow/mlflow
In mlflow/mlflow versions up to 3.9.0, the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registere...
CVE-2026-41013
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...
CVE-2026-37233
FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The equality function eqxappricgenid in src/ric/iApp/xappricid.c compares m0-xappid against itself m0-xappid instead of the other argument m1-xappid, effectively ignoring the xApp identity dimension. A malicio...
CVE-2026-45707
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...
CVE-2026-41013
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...
CVE-2026-41013 Tenant-controlled comma smuggles arbitrary CIFS mount options
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...
CVE-2026-41013
CVE-2026-41013 describes an input validation bypass in the SMB volume mount handling of CloudFoundry Foundation’s diego-release. The vulnerability allows a low-privileged CF space developer to inject arbitrary kernel CIFS mount options by bypassing the mount-option allowlist, enabling privilege e...
EUVD-2026-33727
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...
CVE-2026-41013
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, reporting, maybe a compliance module bolted on the side. The work has since outgrown the descriptor....
CVE-2026-37233
FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The equality function eqxappricgenid in src/ric/iApp/xappricid.c compares m0-xappid against itself m0-xappid instead of the other argument m1-xappid, effectively ignoring the xApp identity dimension. A malicio...
PT-2026-45516
Name of the Vulnerable Software and Affected Versions smb-volume-release versions prior to v3.60.0 CF Deployment versions prior to v56.0.0 Description An input validation bypass exists in the SMB volume mount handling within CloudFoundry Foundation diego-release. This allows a low-privileged CF...
CVE-2026-37233
CVE-2026-37233 affects FlexRIC v2.0.0. The iApp/xApp isolation contains an authorization bypass: the function eq_xapp_ric_gen_id() compares m0->xapp_id against itself rather than the other argument, effectively ignoring the xApp identity dimension. A malicious xApp connected to the iApp (port ...
CVE-2026-37233
FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The equality function eqxappricgenid in src/ric/iApp/xappricid.c compares m0-xappid against itself m0-xappid instead of the other argument m1-xappid, effectively ignoring the xApp identity dimension. A malicio...
praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership
Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...
CVE-2026-45707
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...
CVE-2026-45707 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...
EUVD-2026-33318
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...
CVE-2026-45707
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...
CVE-2026-45707 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...