Lucene search
K

5 matches found

NVD
NVD
added yesterday5 views

CVE-2026-61441

PraisonAI Platform praisonai-platform before 0.1.9 improperly authorizes deletion of issue dependencies. The DELETE dependency route accepts either endpoint of a dependency edge and checks delete permission only against the caller-selected URL issue. A workspace member who cannot delete a...

7.1CVSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/19 7:28 a.m.5 views

CVE-2026-1860

The Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.8. This is due to the getitemspermissionscheck permission callback on the /kaliforms/v1/forms/id REST API endpoint only checking for the editposts capability without...

4.3CVSS5.6AI score0.00289EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/17 12:51 a.m.6 views

SUSE CVE-2017-18894

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes. resource-owner authorization is bypassed, allowing account takeover...

8.1CVSS7AI score0.00821EPSS
Exploits0References2
OSV
OSV
added 2023/02/09 7:15 p.m.4 views

CVE-2023-21432

Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner...

7.8CVSS7.1AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/22 12:0 a.m.5 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-52020)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 4.2.0, 4.1.1 and 4.0.5. An attacker can exploit the vulnerability to bypass resource owner authorization and take over an accou...

8.1CVSS6.8AI score0.00821EPSS
Exploits0References1
Rows per page
Query Builder