CVE-2026-7573

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

CVE-2026-7573

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

EUVD-2023-30640

Malicious code in bioql PyPI...

CVE-2023-26848

TOTOlink A7100RUV7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules...

TOTOLINK A7100RU 命令注入漏洞

The TOTOLINK A7100RU is a wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home network connection. The TOTOLINK A7100RU suffers from a command injection vulnerability that stems from the org parameter in setting/delStaticDhcpRules failing to properly filter...