Lucene search
+L

184 matches found

nvd
nvd
added 3 days ago6 views

CVE-2026-56877

The SCORM lab launch endpoint in Skillable scorm.skillable.com through 2026-07-13 does not validate the client-supplied userId parameter against the authenticated SCORM session token. An authenticated user can substitute arbitrary userId values to bypass per-user lab launch rate limits and consum...

6.3CVSS0.0041EPSS
Exploits1References5
cvelist
cvelist
added 3 days ago34 views

CVE-2026-56877

The SCORM lab launch endpoint in Skillable scorm.skillable.com through 2026-07-13 does not validate the client-supplied userId parameter against the authenticated SCORM session token. An authenticated user can substitute arbitrary userId values to bypass per-user lab launch rate limits and consum...

6.3CVSS0.0041EPSS
Exploits1References2
nvd
nvd
added 2026/07/09 5:17 p.m.8 views

CVE-2026-59213

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, getallmodels handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of keybuilder, causing permission-filtered per-user model lists to share a stat...

5CVSS0.00273EPSS
Exploits1References4
euvd
euvd
added 2026/07/09 4:55 p.m.7 views

EUVD-2026-42629

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, getallmodels handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of keybuilder, causing permission-filtered per-user model lists to share a stat...

3.5CVSS6AI score0.00273EPSS
Exploits1References4
cve
cve
added 2026/07/09 4:55 p.m.10 views

CVE-2026-59213

Open WebUI (self-hosted AI platform) is affected in versions 0.6.27–0.10.0 by a bug in get_all_models handlers (routers/openai.py and routers/ollama.py) where a lambda was passed to aiocache key instead of key_builder. This caused permission-filtered per-user model lists to share a static cache e...

5CVSS6AI score0.00273EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/07/09 4:55 p.m.4 views

CVE-2026-59213 Open WebUI: Cross-user model-list exposure via static cache key in get_all_models (aiocache key= vs key_builder= misuse)

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, getallmodels handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of keybuilder, causing permission-filtered per-user model lists to share a stat...

3.5CVSS6.1AI score0.00273EPSS
Exploits1References6
cvelist
cvelist
added 2026/07/09 3:56 p.m.34 views

CVE-2026-59227 Open WebUI: POST /api/v1/images/edit bypasses the global image-edit switch and the per-user image-generation permission

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to...

4.3CVSS0.00259EPSS
Exploits1References4
osv
osv
added 2026/07/06 3:27 p.m.11 views

BIT-PYTHON-MIN-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.4AI score0.00136EPSS
Exploits0References9
osv
osv
added 2026/07/06 3:27 p.m.7 views

BIT-PYTHON-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.5AI score0.00136EPSS
Exploits0References9
osv
osv
added 2026/07/06 3:22 p.m.10 views

BIT-LIBPYTHON-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.4AI score0.00136EPSS
Exploits0References9
osv
osv
added 2026/07/01 8:51 p.m.3 views

GHSA-4J6X-2764-M8GH Rancher has over-inclusive team membership expansion in GitHub App authentication provider

Impact A vulnerability has been identified within Rancher Manager in the GitHub App authentication provider. When evaluating permissions, the provider incorrectly expands user team memberships to include all teams within the associated GitHub organization, rather than restricting access to the...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References7
osv
osv
added 2026/06/26 11:4 p.m.4 views

GHSA-JG62-J5H6-8MPQ Nezha Monitoring: Unbounded WebSocket Streams — Resource Exhaustion DoS

Description The Nezha dashboard exposes two endpoints that create long-lived WebSocket streams to monitored agents: - POST /api/v1/terminal → createTerminal terminal.go:27-67 - POST /api/v1/file → createFM fm.go:28-67 Both call rpc.NezhaHandlerSingleton.CreateStreamstreamId, ... which inserts a...

6.5CVSS6.1AI score0.00289EPSS
Exploits0References3
euvd
euvd
added 2026/06/23 10:27 p.m.12 views

EUVD-2026-37954

phpMyFAQ: Missing userHasPermission in 4 API write endpoints CVE-2026-24421 Incomplete Fix...

6.5CVSS5.8AI score0.01734EPSS
Exploits3References3
osv
osv
added 2026/06/23 10:27 p.m.3 views

GHSA-8C6H-7G6X-M5X4 phpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)

Missing Authorization in API CategoryController — CVE-2026-24421 fixed BackupController by adding userHasPermissionPermissionType::BACKUP. The same fix was NOT applied to 4 other write endpoints in the public API. All 4 only call hasValidToken shared API key but never call userHasPermission,...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References4
nvd
nvd
added 2026/06/22 2:17 p.m.14 views

CVE-2026-56450

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS0.0033EPSS
Exploits0References1
euvd
euvd
added 2026/06/22 1:2 p.m.8 views

EUVD-2026-38239

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/22 1:2 p.m.3 views

CVE-2026-56450

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/22 1:2 p.m.39 views

CVE-2026-56450 AIL Framework - Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS0.0033EPSS
Exploits0References1
osv
osv
added 2026/06/22 1:2 p.m.3 views

CVE-2026-56450 AIL Framework - Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS6AI score0.0033EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/06/18 9:12 p.m.9 views

CVE-2026-49205

phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this-userHasPermissionPermissionType::BACKUP. The same fix was not applied to 4 other write endpoints...

6.5CVSS5.2AI score0.0024EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder