CVE-2026-34317

CVE-2026-34317 affects Oracle MySQL Shell (Shell: Core Client). Affected versions are 8.0.0–8.0.45, 8.4.0–8.4.8, and 9.0.0–9.6.0. The vulnerability exists in the Core Client component and can be exploited by a user who has logon to the environment where MySQL Shell executes, indicating a local at...

EUVD-2025-197986

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their 'numerical ID', meaning that an attacker could compromise another user's account, thereby affecting the confidentiality, integrity, and availabili...

CVE-2025-41346

CVE-2025-41346 pertains to WinPlus v24.11.27 from Informática del Este, where faulty authorization control allows impersonation of another user by simply knowing the numerical ID. The issue affects confidentiality, integrity, and availability of data stored in the application. Connected sources c...

PT-2025-47289

Name of the Vulnerable Software and Affected Versions WinPlus version 24.11.27 Description A flaw exists in authorization controls within WinPlus that permits user impersonation. An attacker can compromise a user’s account by knowing their numerical ID, potentially impacting the confidentiality,...

CVE-2025-5485

User names used to access the web management interface are limited to the device identifier, which is a numerical identifier no more than 10 digits. A malicious actor can enumerate potential targets by incrementing or decrementing from known identifiers or through enumerating random digit sequenc...