
20 matches found

OSV · added 2026/04/20 12:32 p.m. · 2 views

GHSA-5PV2-86QJ-5JF9 Cockpit has NoSQL Injection Through Content Aggregation Pipelines

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

CVSS 6.3 · AI score 6.2 · EPSS 0.00078
Exploits: 0 · References: 6

Cvelist · added 2026/04/17 9:09 p.m. · 18 views

CVE-2026-40352 FastGPT: NoSQL Injection in updatePasswordByOld Leads to Account Takeover

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated attacker can bypass the "old password" verification by injecting MongoDB query operators. This allows an attacker who has gained a low-privilege...

CVSS 8.8 · EPSS 0.00035
Exploits: 1 · References: 3

Cvelist · added 2026/04/17 9:05 p.m. · 18 views

CVE-2026-40351 FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object, e.g. {"$ne": ""}, as the password field. This NoSQL...

CVSS 9.8 · EPSS 0.00085
Exploits: 1 · References: 3

EUVD · added 2026/04/17 9:05 p.m. · 1 view

EUVD-2026-23557

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object, e.g. {"$ne": ""}, as the password field. This NoSQL...

CVSS 9.8 · AI score 5.7 · EPSS 0.00085
Exploits: 1 · References: 3

Vulnrichment · added 2026/04/17 9:05 p.m. · 0 views

CVE-2026-40351 FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object, e.g. {"$ne": ""}, as the password field. This NoSQL...

CVSS 9.8 · AI score 5.7 · EPSS 0.00085
Exploits: 1 · References: 3

Positive Technologies · added 2026/04/17 12:00 a.m. · 0 views

PT-2026-33519

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object, e.g. {"$ne": ""}, as the password field. This NoSQL...

CVSS 9.8 · AI score 5.7 · EPSS 0.00085
Exploits: 1 · References: 7

Positive Technologies · added 2026/04/17 12:00 a.m. · 2 views

PT-2026-33520

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated attacker can bypass the "old password" verification by injecting MongoDB query operators. This allows an attacker who has gained a low-privilege...

CVSS 8.8 · AI score 5.7 · EPSS 0.00035
Exploits: 1 · References: 5
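The FastGPT entries above (login and password change) describe the same mechanism: a request field that the code assumes is a string is handed to a MongoDB query as-is, so an operator object such as {"$ne": ""} turns the equality check into an always-true predicate. The block below is an added example, not FastGPT's code, written to show that mechanism and the fix. The user records, the in-memory matcher, and the function names are assumptions for the demo. The same runtime type check applies to any other parameter that ends up inside a query, for instance the id argument in the Feathers.js entry further down.

```javascript
// Added example, not FastGPT's code: why a MongoDB operator object in the
// password field satisfies an equality-style credential check, and the runtime
// validation that stops it. User data, names and the matcher are assumptions.

// Constructed sample collection. Plaintext secrets only to keep the demo short;
// a real store holds password hashes.
const USERS = [
  { _id: 1, username: 'admin', password: 'Adm1n-Secret', role: 'admin' },
  { _id: 2, username: 'bob',   password: 'bob-pass',     role: 'user'  },
];

// Tiny in-memory stand-in for the MongoDB matcher, limited to the operators
// that matter here. Like the server: a plain value is an equality test, an
// object whose keys start with '$' is an operator expression.
function matchesField(actual, cond) {
  if (cond !== null && typeof cond === 'object' && !Array.isArray(cond)) {
    return Object.entries(cond).every(([op, arg]) => {
      switch (op) {
        case '$ne':    return actual !== arg;
        case '$gt':    return actual > arg;
        case '$in':    return arg.includes(actual);
        case '$regex': return new RegExp(arg).test(String(actual));
        default: throw new Error(`unsupported operator ${op}`);
      }
    });
  }
  return actual === cond;
}

function findOne(collection, query) {
  const hit = collection.find((doc) =>
    Object.entries(query).every(([field, cond]) => matchesField(doc[field], cond)));
  return hit || null;
}

// Vulnerable login: the body is asserted to have string fields (the TypeScript
// `req.body as LoginBody` pattern) and forwarded into the query unchanged.
function loginVulnerable(body) {
  const { username, password } = body; // no runtime type check
  return findOne(USERS, { username, password });
}

// Same flaw in a password-change flow: the "old password" check is a query
// predicate, so an operator object satisfies it for any account the caller
// can name.
function oldPasswordCheckVulnerable(userId, oldPassword) {
  return findOne(USERS, { _id: userId, password: oldPassword }) !== null;
}

// Hardened login: (1) reject anything that is not a primitive string before it
// reaches the driver, (2) look the account up by username only and compare the
// secret in application code, so the credential never becomes query syntax.
const isPlainString = (v) => typeof v === 'string';

function loginHardened(body) {
  if (!isPlainString(body.username) || !isPlainString(body.password)) {
    return { ok: false, reason: 'invalid input type' };
  }
  const user = findOne(USERS, { username: body.username });
  // Real code: bcrypt.compare(body.password, user.passwordHash)
  if (!user || user.password !== body.password) {
    return { ok: false, reason: 'bad credentials' };
  }
  return { ok: true, user };
}

// The request body an attacker sends: a JSON object, not a string, as password.
const INJECTED = { username: 'admin', password: { $ne: '' } };

console.log('vulnerable login    ->', loginVulnerable(INJECTED)?.username);          // admin
console.log('hardened login      ->', loginHardened(INJECTED).reason);               // invalid input type
console.log('old-password bypass ->', oldPasswordCheckVulnerable(2, { $ne: '' }));   // true
```

The type check alone closes the operator-injection hole; fetching by username and comparing the secret in code is the structural fix, because it keeps the credential out of the query language entirely no matter what the transport layer accepts.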

Packet Storm · added 2026/04/13 12:00 a.m. · 48 views

Cockpit CMS 2.13.5 NoSQL Injection

Cockpit CMS version 2.13.5 is vulnerable to NoSQL operator injection on multiple API endpoints. User-supplied filter objects are forwarded to the Mongolite query engine without stripping MongoDB operators. Authenticated users can bypass intended query filters and perform boolean-based blind queri...

AI score 5.8
Exploits: 0
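The Packet Storm entry above describes the other common shape of this bug: a whole filter object taken from the client and forwarded to the query engine without stripping operators, which lets a caller widen the intended filter or run boolean-based blind probes with $regex. The block below is an added example, not Cockpit's code, showing how to validate such a filter against an allow-list of fields and operators before it reaches the database, and why merely stripping `$`-prefixed keys is a weaker choice. The field names, allow-lists and sample filters are assumptions for the demo.

```javascript
// Added example, not Cockpit's code: validating a client-supplied filter object
// before it reaches a MongoDB-style query engine. The allow-lists, field names
// and sample filters are assumptions for the demo.

// What a client may query: only these fields, and only these operators on them.
const ALLOWED_FIELDS = new Set(['title', 'published', 'tags']);
const ALLOWED_OPERATORS = new Set(['$eq', '$in']);

const isScalar = (v) =>
  v === null || ['string', 'number', 'boolean'].includes(typeof v);
const isPlainObject = (v) =>
  v !== null && typeof v === 'object' && !Array.isArray(v);

// Validate one field condition: a scalar, or an object using allowed operators
// with scalar (or array-of-scalar) arguments. Everything else is refused.
function sanitizeCondition(field, cond) {
  if (isScalar(cond)) return cond;
  if (!isPlainObject(cond)) throw new Error(`${field}: condition must be scalar or object`);
  const out = {};
  for (const [op, arg] of Object.entries(cond)) {
    if (!ALLOWED_OPERATORS.has(op)) throw new Error(`${field}: operator ${op} not allowed`);
    if (op === '$in') {
      if (!Array.isArray(arg) || !arg.every(isScalar)) throw new Error(`${field}: $in needs a scalar array`);
      out[op] = [...arg];
    } else {
      if (!isScalar(arg)) throw new Error(`${field}: ${op} needs a scalar`);
      out[op] = arg;
    }
  }
  return out;
}

// Validate the whole filter. Top-level operators ($where, $or, $expr ...),
// dotted paths and unknown fields are rejected rather than silently dropped.
function sanitizeFilter(filter) {
  if (!isPlainObject(filter)) throw new Error('filter must be a plain object');
  const clean = {};
  for (const [key, value] of Object.entries(filter)) {
    if (key.startsWith('$')) throw new Error(`top-level operator ${key} not allowed`);
    if (key.includes('.')) throw new Error(`dotted path ${key} not allowed`);
    if (!ALLOWED_FIELDS.has(key)) throw new Error(`field ${key} not queryable`);
    clean[key] = sanitizeCondition(key, value);
  }
  return clean;
}

// The "drop every key starting with $" approach many sanitizer libraries take.
// It removes operators but changes the query's meaning: {title: {$ne: ''}}
// becomes {title: {}}, an equality test against an empty document.
function stripOperators(value) {
  if (Array.isArray(value)) return value.map(stripOperators);
  if (isPlainObject(value)) {
    const out = {};
    for (const [k, v] of Object.entries(value)) {
      if (!k.startsWith('$')) out[k] = stripOperators(v);
    }
    return out;
  }
  return value;
}

// Wrapper returning {ok, filter | error} instead of throwing.
function checkFilter(filter) {
  try { return { ok: true, filter: sanitizeFilter(filter) }; }
  catch (e) { return { ok: false, error: e.message }; }
}

// Constructed sample requests.
const LEGIT = { title: 'Hello', tags: { $in: ['news', 'blog'] } };
const BLIND_PROBE = { title: { $regex: '^S' } };        // boolean-based blind extraction
const BYPASS = { published: { $ne: null } };            // widen the intended filter
const JS_EVAL = { $where: 'this.secret.length > 0' };   // server-side JavaScript

console.log(checkFilter(LEGIT));
console.log(checkFilter(BLIND_PROBE));
console.log(checkFilter(BYPASS));
console.log(checkFilter(JS_EVAL));
console.log(stripOperators({ title: { $ne: '' }, $where: '1' }));
```

Rejecting is preferable to stripping: a refused request is logged and visible, whereas a silently rewritten filter returns a result set that neither the client nor the server intended, and the rewritten form is what shows up in audit logs.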

CVE · added 2026/03/19 2:24 p.m. · 40 views

CVE-2026-22558

CVE-2026-22558 affects the UniFi Network Application. An "Authenticated NoSQL Injection" vulnerability could allow a malicious actor with authenticated network access to escalate privileges. The CVE entry provides a CVSS v3.1 vector (NETWORK, LOW complexity, PRIVILEGES REQUIRED: LOW, UI: NONE, S...

CVSS 7.7 · AI score 5.8 · EPSS 0.00017
Exploits: 0 · References: 1

ATTACKERKB · added 2026/03/16 10:11 a.m. · 2 views

CVE-2026-3021

Non-relational SQL injection (NoSQLi) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL...

CVSS 7.1 · AI score 5.8 · EPSS 0.00039
Exploits: 0 · References: 2

OSV · added 2026/03/10 8:08 p.m. · 1 view

CVE-2026-29793 NoSQL Injection via WebSocket id Parameter in MongoDB Adapter

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method (get, patch, update, remove). The transport layer performs no type...

CVSS 9.3 · AI score 6 · EPSS 0.00024
Exploits: 0 · References: 3

Cvelist · added 2026/03/06 5:40 p.m. · 26 views

CVE-2026-30833 Rocket.Chat: NoSQL injection in the EE ddp-streamer-service

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0, a NoSQL injection vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that allows unauthenticated...

CVSS 6.9 · EPSS 0.00084
Exploits: 0 · References: 1

Hacker One · added 2022/05/25 12:26 p.m. · 33 views

Rocket.Chat: Regex account takeover

Summary: get admin reset token with authenticated user. Description: a normal user login can access the admin reset token and set a new password for the admin user. Releases Affected: 3.18.5, 3.0.5. Steps To Reproduce from initial installation to vulnerability: Add details for how we can reproduce the issue...

CVSS 6.5 · AI score 1.3 · EPSS 0.0053
Exploits: 1

Kitploit · added 2022/01/26 8:30 p.m. · 21 views

Ninjasworkout - Vulnerable NodeJS Web Application

Damn Vulnerable NodeJS Application. Quick Start: download the repo and run npm i. After installing all dependencies, just run the application with node app.js or nodemon app.js. Added bugs: Prototype Pollution, NoSQL Injection, Cross-Site Scripting, Broken Access Control, Broken Session Management, Weak Regex...

AI score 8.8
Exploits: 0 · References: 3

CNNVD · added 2021/05/27 12:00 a.m. · 1 view

Rocket.Chat Security Vulnerability

Rocket.Chat is an open source team chat software. A security vulnerability exists in Rocket.Chat versions 3.11, 3.12, and 3.13. The vulnerability could lead to unauthenticated NoSQL injection. No details of the vulnerability are provided at this time...

CVSS 9.8 · AI score 5.6 · EPSS 0.92332
Exploits: 15 · References: 9

Positive Technologies · added 2021/05/27 12:00 a.m. · 3 views

PT-2021-15268 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat server versions 3.11 through 3.13. Description: A vulnerability exists due to improper input sanitization, potentially leading to unauthenticated NoSQL injection and resulting in remote code execution (RCE). Recommendations: For...

CVSS 9.8 · AI score 9.8 · EPSS 0.92332
Exploits: 15 · References: 15

CNVD · added 2020/12/30 12:00 a.m. · 2 views

Agentejo Cockpit NoSQL Injection Vulnerability (CNVD-2021-01561)

Agentejo Cockpit is a self-hosted "headless" and api-driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit versions prior to 0.11.2. The vulnerability can be exploited to conduct a NoSQL injection attack via the Controller/Auth.php...

CVSS 9.8 · AI score 7.3 · EPSS 0.93971
Exploits: 8 · References: 1

CNVD · added 2020/12/30 12:00 a.m. · 3 views

Agentejo Cockpit NoSQL Injection Vulnerability (CNVD-2021-01562)

Agentejo Cockpit is a self-hosted "headless" and api driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit prior to version 0.11.2. The vulnerability can be exploited to conduct NoSQL injection attacks via the Controller/Auth.php che...

CVSS 9.8 · AI score 7.3 · EPSS 0.93926
Exploits: 10 · References: 1

CNNVD · added 2020/12/29 12:00 a.m. · 1 view

Agentejo Cockpit SQL Injection Vulnerability

Agentejo Cockpit is a self-hosted "headless" and api driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit prior to version 0.11.2. The vulnerability can be exploited to conduct a NoSQL injection attack via the Controller/Auth.php...

CVSS 9.8 · AI score 5.8 · EPSS 0.92353
Exploits: 5 · References: 7

CNNVD · added 2020/12/23 12:00 a.m. · 1 view

Steedos Steedos-platform SQL Injection Vulnerability

Steedos Steedos-platform is a JavaScript-based website builder for creating websites in a declarative way, organized by Steedos China. A SQL injection vulnerability exists in Steedos Platform version 1.21.24 and prior versions, which stems from allowing NoSQL injection because...

CVSS 8.8 · AI score 7.3 · EPSS 0.00421
Exploits: 1 · References: 2