Lucene search
K

66 matches found

OSV
OSV
added 5 days ago3 views

CVE-2026-56279 Capgo - Information Disclosure via get_orgs_v7 RPC Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the getorgsv7userid RPC function that remains publicly invokable despite intended private access controls. Unauthenticated attackers can supply arbitrary user UUIDs to retrieve foreign users' organization membership, roles,...

8.7CVSS6.2AI score0.00313EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/08 1:48 p.m.4 views

EUVD-2026-42248

Capgo Cap-go/capgo before 12.128.2 exposes the Supabase PostgREST RPC function public.getorgsv6userid uuid, which is SECURITY DEFINER and granted to the anon role, allowing unauthenticated access. Because the function accepts a caller-supplied user UUID without verifying it matches the...

8.7CVSS6AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40441

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser,...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.26 views

CVE-2026-56333 Capgo - Server-Side Validation Bypass via Direct Browser-Side Organization Security Settings Updates

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser,...

5.3CVSS0.00234EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 3:56 p.m.6 views

EUVD-2026-40357

Woodpecker before 3.15.0 registers the /api/orgs/lookup/orgfullname endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user user.ForgeID, via ForgeFromUser when selecting the forge to query. For an unauthenticated request session.User...

6.9CVSS5.8AI score0.00362EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 3:56 p.m.7 views

CVE-2026-58369 Woodpecker < 3.15.0 - Unauthenticated NULL Pointer Dereference in /api/orgs/lookup Enables Log-Flooding Denial of Service

Woodpecker before 3.15.0 registers the /api/orgs/lookup/orgfullname endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user user.ForgeID, via ForgeFromUser when selecting the forge to query. For an unauthenticated request session.User...

6.9CVSS5.8AI score0.00362EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 3:56 p.m.53 views

CVE-2026-58369 Woodpecker < 3.15.0 - Unauthenticated NULL Pointer Dereference in /api/orgs/lookup Enables Log-Flooding Denial of Service

Woodpecker before 3.15.0 registers the /api/orgs/lookup/orgfullname endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user user.ForgeID, via ForgeFromUser when selecting the forge to query. For an unauthenticated request session.User...

6.9CVSS0.00362EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 3:56 p.m.1 views

CVE-2026-58369 Woodpecker < 3.15.0 - Unauthenticated NULL Pointer Dereference in /api/orgs/lookup Enables Log-Flooding Denial of Service

Woodpecker before 3.15.0 registers the /api/orgs/lookup/orgfullname endpoint without authentication middleware, and the LookupOrg handler unconditionally dereferences the session user user.ForgeID, via ForgeFromUser when selecting the forge to query. For an unauthenticated request session.User...

6.9CVSS6AI score0.00362EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-53927

Name of the Vulnerable Software and Affected Versions Woodpecker versions prior to 3.15.0 Description The software registers the '/api/orgs/lookup/org full name' endpoint without authentication middleware. The LookupOrg handler unconditionally dereferences the session user user.ForgeID via...

6.9CVSS6AI score0.00362EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54037

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description Authenticated organization administrators can bypass server-side validation within organization security settings to persist an invalid security policy state. This is achieved by directly updating t...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5243 Gitea: Incomplete CVE-2025-68941 fix: /user/orgs missing checkTokenPublicOnly + switch-case logic flaw in code.gitea.io/gitea

Gitea: Incomplete CVE-2025-68941 fix: /user/orgs missing checkTokenPublicOnly + switch-case logic flaw in code.gitea.io/gitea...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 11:53 a.m.8 views

EUVD-2026-38739

Capgo before 12.128.2 fails to enforce limitedtoorgs and limitedtoapps constraints on subkeys provided via x-limited-key-id header in middlewareKey function. Attackers can bypass subkey scope restrictions by referencing their own subkeys, causing all downstream route handlers to use the...

8.8CVSS5.9AI score0.00266EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 1:16 p.m.14 views

CVE-2026-56225

Capgo before 12.128.2 contains an authorization bypass vulnerability in its public API key management handlers get/put/delete/post. API keys created with mode=all but restricted to a single app via limitedtoapps are only checked for limitedtoorgs and not for limitedtoapps, so an app-scoped key ca...

8.7CVSS0.00292EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 11:41 p.m.11 views

Gitea: Incomplete CVE-2025-68941 fix: /user/orgs missing checkTokenPublicOnly + switch-case logic flaw

Summary Two related issues in the token public-only scope enforcement introduced by PR 32204 CVE-2025-68941 fix. A public-only scoped API token can access private organization data. Issue 1: /user/orgs missing checkTokenPublicOnly routers/api/v1/api.go line 1599: go m.Get"/user/orgs", reqToken,...

5.3CVSS7.6AI score0.00271EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/16 11:41 p.m.7 views

GHSA-8629-VC8R-5P58 Gitea: Incomplete CVE-2025-68941 fix: /user/orgs missing checkTokenPublicOnly + switch-case logic flaw

Summary Two related issues in the token public-only scope enforcement introduced by PR 32204 CVE-2025-68941 fix. A public-only scoped API token can access private organization data. Issue 1: /user/orgs missing checkTokenPublicOnly routers/api/v1/api.go line 1599: go m.Get"/user/orgs", reqToken,...

4.3CVSS5.5AI score0.00271EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.20 views

PT-2026-50135

Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description An issue exists in the token public-only scope enforcement where a public-only scoped API token can access private organization data. This occurs due to two flaws: the endpoint '/user/orgs' is...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.9 views

PT-2026-33112

Name of the Vulnerable Software and Affected Versions Velociraptor versions prior to 0.76.3 Description A flaw in the query plugin allows an authenticated GUI user to access all organizations using their current ACL token. By utilizing the query plugin within a notebook cell, a user with access t...

9.1CVSS5.9AI score0.00224EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-25137

Massive ransomware attack hits US healthcare sector, exploiting MedSys CVE-2026-0456 and compromising 1.5M patient records as DarkSky demands $10M ransom, disrupting hospital operations. Ransomware https://t.co/jcKWMlplzA...

5.8AI score
Exploits0References5
CVE
CVE
added 2026/02/04 10:2 p.m.21 views

CVE-2026-1892

The CVE-2026-1892 entry concerns WeKan up to 8.20, specifically the REST API component and its boards.js function setBoardOrgs. The vulnerability arises from manipulating arguments item.cardId, item.checklistId, or card.boardId, leading to improper authorization. Exploitation could be performed r...

5CVSS4.8AI score0.00241EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/02/04 10:2 p.m.5 views

CVE-2026-1892 WeKan REST API boards.js setBoardOrgs improper authorization

A security vulnerability has been detected in WeKan up to 8.20. This affects the function setBoardOrgs of the file models/boards.js of the component REST API. Such manipulation of the argument item.cardId/item.checklistId/card.boardId leads to improper authorization. The attack may be launched...

2.3CVSS5.5AI score0.00241EPSS
Exploits0References8
Rows per page
Query Builder