Lucene search
K

385 matches found

Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-59234 Authorization Bypass Through User-Controlled Key in Prospero Flow CRM calendar event deletion

Authorization Bypass Through User-Controlled Key CWE-639 in CalendarDeleteEventController app/Http/Controllers/Calendar/CalendarDeleteEventController.php, exposed at GET /calendar/event/delete/id, in Prospero Flow CRM before 5.5.3 allows a remote, authenticated attacker to delete arbitrary calend...

6.9CVSS0.00403EPSS
Exploits0References3
CVE
CVE
added 3 days ago11 views

CVE-2026-59234

This CVE affects Prospero Flow CRM prior to version 5.5.3. The vulnerability lies in the CalendarDeleteEventController (app/Http/Controllers/Calendar/CalendarDeleteEventController.php), exposed at the GET endpoint /calendar/event/delete/{id} . The delete logic uses Calendar::find($id)->delete(...

6.9CVSS6AI score0.00403EPSS
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-9180

The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...

5.3CVSS0.00342EPSS
Exploits0References6
CVE
CVE
added 3 days ago15 views

CVE-2026-9180

MotoPress Appointment Booking for WordPress (versions up to 2.4.4) is vulnerable to an Authorization Bypass via a user-controlled booking_id. The REST endpoint POST /motopress/appointment/v1/bookings is registered with a permissive permission_callback (return_true ), and createBooking() loads the...

5.3CVSS5.7AI score0.00342EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-55537

Name of the Vulnerable Software and Affected Versions Prospero Flow CRM versions prior to 5.5.3 Description An authorization bypass exists in the CalendarDeleteEventController app/Http/Controllers/Calendar/CalendarDeleteEventController.php via the GET '/calendar/event/delete/id' endpoint. A remot...

6.9CVSS6AI score0.00403EPSS
Exploits0References7
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-58447 Invidious - Cross-User Playlist Video Deletion via Missing Ownership Check

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...

7.1CVSS0.00225EPSS
Exploits0References4
CVE
CVE
added 6 days ago8 views

CVE-2026-58447

CVE-2026-58447 (Invidious) : A broken object-level authorization vulnerability affects Invidious up to version 2.20260626.0. An authenticated attacker can delete videos from other users’ playlists by supplying an arbitrary global video index to the remove_video endpoint, using per-video indices e...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 10:31 p.m.2 views

GHSA-Q6XX-5VR8-P898 Nezha vulnerable to cross-tenant terminal/file-manager session hijack via WebSocket stream UUID without ownership check

Summary In nezha v1.14.13–v1.14.14 and v2.0.0–v2.0.9, the WebSocket endpoints GET /ws/terminal/:id and GET /ws/file/:id authenticate the caller only by the presence of a valid stream UUID, with no ownership check tying that UUID to the user who created the stream. Any authenticated dashboard user...

9.9CVSS6AI score0.00339EPSS
Exploits1References2
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44734

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, a Missing Authorization vulnerability exists in OpenProject's CostReportsController. The rename and update actions allow any authenticated user to modify the name, filters, and grouping of any Public co...

6.5CVSS0.00231EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 5:16 p.m.7 views

CVE-2026-56823

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the POST /api/integrations/webhooks/webhookid/ping endpoint fetches the target webhook by primary key alone without verifying that the webhook belongs to the...

5.4CVSS0.0015EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 7:16 a.m.9 views

CVE-2026-8380

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...

6.5CVSS0.00342EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/25 3:52 p.m.30 views

CVE-2026-54027 LibreChat: Image Upload Route Bypasses Agent Permission Check — Incomplete Fix for File Upload Authorization

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/files/images endpoint allows any authenticated user to upload files into any agent's toolresources e.g., context, executecode without verifying ownership or EDIT permission on the target...

6.5CVSS0.00189EPSS
Exploits1References1
CVE
CVE
added 2026/06/25 3:52 p.m.10 views

CVE-2026-54027

Vulnerability (CVE-2026-54027): LibreChat prior to 0.8.4-rc1 allows authenticated users to upload files via POST /api/files/images into any agent’s tool_resources (e.g., context, execute_code) without ownership/EDIT checks. A permission check was added to POST /api/files, but the image upload rou...

6.5CVSS6AI score0.00189EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.5 views

PT-2026-52492

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.4-rc1 Description An authenticated user can upload files into the tool resources such as context or execute code of any agent without the required ownership or EDIT permissions. This occurs because the 'POST...

6.5CVSS5.8AI score0.00189EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/24 5:17 p.m.27 views

CVE-2026-55611 AnythingLLM: embed-parsed-file cleanup deletes any parsed file by ID without ownership scoping (cross-tenant IDOR deletion)

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

0.00236EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:17 p.m.5 views

EUVD-2026-39009

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

5.9AI score0.00236EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 5:17 p.m.9 views

CVE-2026-55611

CVE-2026-55611 affects AnythingLLM. The vulnerability allows cross-tenant IDOR deletion of parsed-files via the endpoint POST /api/workspace/:slug/embed-parsed-file/:fileId. From 1.11.1 to 1.14.1, ownership-scoped access was added for parsed-files reads/deletes, but the delete path still removes ...

5.9AI score0.00236EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.6 views

CVE-2026-12094

The Advanced Contact Form 7 - Compact DB plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the cf7cdbajaxdeleteuser function in versions up to, and including, 1.0.0. The handler is registered against both wpajaxcf7cdbdelete and...

5.3CVSS6AI score0.00295EPSS
Exploits0References5
CVE
CVE
added 2026/06/23 8:9 p.m.30 views

CVE-2026-47388

NocoDB is affected by CVE-2026-47388: Missing ownership check in MCP Attachment Read allows a low-privilege MCP token holder with knowledge of an attachment path to read files in shared storage (including attachments from other bases/workspaces). The issue arises because readAttachment did not ve...

2.3CVSS5.9AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 4:49 p.m.39 views

CVE-2026-54009 Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accepts an imageurl.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the...

6.5CVSS0.00225EPSS
Exploits1References1
Rows per page
Query Builder