1175 matches found
CVE-2026-20751
The CVE-2026-20751 entry concerns Intel Data Center Graphics Driver for VMware ESXi, vulnerable in versions before 2.0.2. The issue is an out-of-bounds read in Ring 1 device drivers, which may allow a local-privileged attacker with low complexity and no user interaction to cause a denial of servi...
EUVD-2026-29102
In Meari IoT Cloud MQTT Broker deployments running EMQX 4.x, any authenticated low-privilege account can subscribe to global wildcard topics and receive telemetry from devices the user does not own. The broker enforces publish restrictions but does not enforce equivalent subscribe authorization a...
CVE-2026-42609
Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a business logic vulnerability in the Grav Admin Panel allows a low-privileged user with only user creation permissions to overwrite existing accounts, including the primary administrator. By creating a new user with a username that alread...
CVE-2026-42611
Grav CVE-2026-42611 is a stored XSS in Grav Core + Admin Plugin (versions around v1.7.49.5 / v1.10.49.1) that a low-privileged user can exploit via page content to exfiltrate admin context, including the admin nonce, potentially bypass CSRF protections and enable further actions on sensitive admi...
EUVD-2026-28929
Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by submitting admin=true in PUT /api.php/v1/users/id. The endpoint directly persists the admin attribute from user input, and the escalated accou...
PT-2026-38882
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged...
SUSE CVE-2026-7573
An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...
BIT-JAVA-MIN-2026-22003
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged...
GHSA-RR73-568V-28F8 Grav Vulnerable to Administrative Account Disruption and Privilege De-escalation via User Overwrite Logic
Summary A business logic vulnerability in the Grav Admin Panel allows a low-privileged user with only user creation permissions to overwrite existing accounts, including the primary administrator. By creating a new user with a username that already exists, the system updates the existing account'...
GHSA-4FM3-GGG2-C6QX AzuraCast's Missing RequireInternalConnection on Liquidsoap API Allows Low-Privilege Metadata Injection and Broadcast Disruption
Summary The /api/internal/stationid/liquidsoap/action endpoint is accessible from the public web interface because it lacks the RequireInternalConnection middleware that protects other internal endpoints /sftp-auth, /sftp-event. Combined with a logic flaw where the $asAutoDj flag is set based on...
PT-2026-36800
Name of the Vulnerable Software and Affected Versions Norton Secure VPN affected versions not specified Description A privilege escalation issue occurs during the installation of the software via the Microsoft Store. A low-privilege user can replace files during the installation process,...
Juniper Junos OS Vulnerability (JSA100078)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100078 advisory. - An Improper Access Control vulnerability in the User Interface UI of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading...
Juniper Junos OS Vulnerability (JSA92860)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA92860 advisory. - An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface CLI of Juniper Networks Junos OS on SRX Series devices allows a...
CVE-2026-38948
Cross-Site Scripting XSS vulnerability exists in FUEL CMS v1.5.2 and before within the asset upload functionality. The application fails to properly sanitize uploaded SVG files, allowing a low-privileged authenticated user to upload a crafted SVG file containing malicious code...
Cisco IOS XE Software DoS (cisco-sa-iosxe-mntc-dos-LZweQcyq)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because...
CVE-2026-41171 SSRF via Jint Scripting Engine HTTP Functions Due to Missing SSRF Protection on "Jint" HttpClient
Squidex is an open source headless content management system and content management hub. Versions prior to 7.23.0 have a Server-Side Request Forgery SSRF vulnerability due to missing SSRF protection on the Jint HTTP client used by scripting engine functions getJSON, request, etc.. An authenticate...
PT-2026-34118
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Microsoft Active Directory. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Orac...
CVE-2026-30452
CVE-2026-30452 affects Textpattern CMS 4.9.0. A Broken Access Control flaw in the article management workflow lets authenticated users with low privileges modify articles owned by higher-privilege users. By altering the article ID parameter during the duplicate-and-save process in textpattern/inc...
CVE-2026-33392
In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the GymConfigUpdateView. An attacker can gain unauthorized control over installation-wide configuration and modify other users' records by submitting changes to the /config/gym-config/edit endpoint as a...