CVE-2026-41276

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific...

CVE-2026-41276

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific...

WordPress plugin Nokri 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

"400 - Bad request - Value cannot be null. Parameter name: token" when performing Microsoft Teams backup

Challenge Microsoft Teams backup may fail with "400 - Bad request - Value cannot be null. Parameter name: token" error. Cause If a user never opened the Files tab of a team channel in Microsoft Teams, this tab is not linked to the Files document library in a corresponding SharePoint team site. In...

Windows SMB PsImpersonateClient null token vulnerability

Added: 07/13/2017 CVE: CVE-2017-0144 BID: 96704 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. Problem A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...

CVE-2015-1786

Cross-site request forgery CSRF vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers...