CVE-2026-10056 CORS misconfiguration in Nx Witness VMS allows session token exfiltration via cross-origin request

CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard security mode, on Linux and Windows allows an unauthenticated remote attacker to steal the session token of an authenticated user and perform Administrator Account...

Network Optix Nx Witness VMS 安全漏洞

Network Optix Nx Witness VMS is a video management system developed by the American company Network Optix. Versions of Network Optix Nx Witness VMS prior to version 6.1.2 contained security vulnerabilities. These vulnerabilities were caused by incorrect CORS configurations in the REST API, which...

EUVD-2023-58508

Malicious code in bioql PyPI...

CVE-2023-6263

An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server to NxCloud by using the exact identification of a legitimate VMS server. As result, it was possible to retrieve authorization headers from legitimate users when the legitima...

CVE-2023-6263

An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server to NxCloud by using the exact identification of a legitimate VMS server. As result, it was possible to retrieve authorization headers from legitimate users when the legitima...

CVE-2023-6263

An issue was discovered by IPVM team in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server to NxCloud by using the exact identification of a legitimate VMS server. As result, it was possible to retrieve authorization headers from legitimate users when the legitima...

CVE-2023-6263

The vulnerability CVE-2023-6263 affects Network Optix NxCloud prior to 23.1.0.40440. An attacker could add a fake VMS server by using the exact identification of a legitimate VMS server, allowing retrieval of authorization headers from legitimate users when their client connects to the fake VMS s...

Network Optix NxCloud Security Breach

Network Optix NxCloud is an application from Network Optix, Inc. used to provide high performance capabilities for design and manufacturing. A security vulnerability exists in Network Optix NxCloud versions prior to 23.1.0.40440 that stems from the ability to add a fake VMS server to NxCloud by...

networkoptix.com Cross Site Scripting vulnerability OBB-2669701

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...