Lucene search
K

5 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-50007

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-50007 Actual: Shared users can perform owner-only file management actions

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00246EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-50007

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS5.9AI score0.00246EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-56243

Name of the Vulnerable Software and Affected Versions Actual versions prior to 26.7.0 Description A missing authorization issue allows a shared user with user access on a budget file to perform file management actions reserved for the owner or an administrator. This occurs because the...

7.2CVSS6.1AI score0.00246EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.24 contained security vulnerabilities. These vulnerabilities stemmed from an authorization bypass issue in the MCP loopback function, allowing unauthorized users to circumvent t...

6.9CVSS5.6AI score0.00096EPSS
Exploits0References1
Rows per page
Query Builder