Lucene search
K

92 matches found

Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-59930 Mistune toc / TableOfContents directive: heading IDs use predictable `toc_N` numbering with no slugification, allowing collision with attacker-controlled `id="toc_N"` content

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable tocN values without slugifying the heading text, allowing attacker-controlled id="tocN" content to collide with generated anchors and...

4.3CVSS0.00128EPSS
Exploits1References3
CVE
CVE
added 6 days ago15 views

CVE-2026-57869

CVE-2026-57869 affects MicroRealEstate up to version 1.0.0-alpha3. The vulnerability stems from broken object-level access controls and a deterministic pattern used in random ID generation, enabling attackers to access documents uploaded by landlords or tenants without authorization. The availabl...

7.1CVSS6AI score0.00215EPSS
Exploits0References2
OSV
OSV
added 2026/07/03 12:0 a.m.4 views

UBUNTU-CVE-2026-38968

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding...

9.8CVSS6AI score0.00379EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55303

Name of the Vulnerable Software and Affected Versions ntopng versions prior to 6.7 Description Predictable session identifiers can lead to session hijacking. The issue occurs because HTTP session identifiers in the src/HTTPserver.cpp file use weak time-seeded pseudo-randomness during session...

9.8CVSS5.9AI score0.00379EPSS
Exploits0References5
CVE
CVE
added 2026/07/01 11:58 a.m.21 views

CVE-2026-53903

CVE-2026-53903 affects MCO via the insecure endpoint /customer/servlet/mco/webapi/trading-document/fetchPdfStatement. The underlying issue is an IDOR: the app does not properly validate that an authenticated user is authorized to access a requested document, allowing retrieval based on a user-sup...

8.1CVSS5.8AI score0.00244EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/25 10:17 p.m.7 views

CVE-2026-54479

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnerability may allow unauthorized users to authenticate as oth...

7.3CVSS0.00246EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 6:17 p.m.32 views

CVE-2026-42932 Naxclow IoT Platform Generation of Predictable Numbers or Identifiers

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS0.00233EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 6:17 p.m.11 views

CVE-2026-42932 Naxclow IoT Platform Generation of Predictable Numbers or Identifiers

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS5.2AI score0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 6:17 p.m.12 views

EUVD-2026-36532

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS5.2AI score0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 12:31 a.m.12 views

EUVD-2026-35895

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS5.5AI score0.00173EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/08 11:2 p.m.49 views

Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Summary Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning Kaminsky attack. Details Two factors contribute to this vulnerability in...

6.8CVSS5.5AI score0.00256EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.13 views

CVE-2026-50213

The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings...

8.7CVSS5.4AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 9:16 a.m.19 views

CVE-2026-50213

The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings...

8.7CVSS0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:39 a.m.8 views

CVE-2026-50213 Bulk User Private Data Harvesting

The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings...

8.7CVSS5.8AI score0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:39 a.m.11 views

EUVD-2026-34225

The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings...

8.7CVSS5.8AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 7:39 a.m.24 views

CVE-2026-50213

Technical details about CVE-2026-50213, including affected products, versions, root cause, and patches, are not publicly provided in the supplied documents; monitor for updates.

8.7CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/04 7:39 a.m.42 views

CVE-2026-50213 Bulk User Private Data Harvesting

The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings...

8.7CVSS0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the account verification endpoint/v1/User/validate, which returns a full set of user profile data tables. It is possible to...

8.7CVSS5.3AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/15 12:27 p.m.9 views

CVE-2026-8503

A flaw was found in Apache::Session::Generate::SHA256 within perl-Apache-Session-Browseable. The session ID generator uses predictable, low-entropy sources such as the rand function, epoch time, and process ID PID to create session identifiers. This weakness allows a remote attacker to predict...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 8:7 p.m.5 views

CVE-2026-6375

A vulnerability in SpiceJet’s booking API allows unauthenticated users to query passenger name records PNRs without any access controls. Because PNR identifiers follow a predictable pattern, an attacker could systematically enumerate valid records and obtain associated passenger names. This flaw...

8.7CVSS5.8AI score0.00311EPSS
Exploits0References2
Rows per page
Query Builder