6 matches found
EUVD-2026-26410
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
CVE-2026-33315
CVE-2026-33315 (Vikunja) is a vulnerability in Vikunja prior to version 2.2.0 where the CalDAV endpoint allows login using Basic Authentication. This enables bypass of TOTP on accounts with 2FA enabled, allowing access to protected project information such as name and description. The issue is fi...
CVE-2025-0516 Incorrect Authorization in GitLab
Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 allows users with limited permissions to perform unauthorized actions on critical project data...
CVE-2025-0516
Removed by vendor...
PT-2021-21366 · KNX ETS · KNX ETS
Name of the Vulnerable Software and Affected Versions: KNX ETS versions 5 through 5.7.6. Description: The issue allows local users to read project information due to the use of a hard-coded password "ETS5Password" with a salt value of "Ivan Medvedev". This problem is specific to products that are no...
PT-2021-6696 · GitLab · GitLab CE/EE +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.10 and later. Description: The issue is related to an information disclosure problem, where a lack of access control checking allows a remote attacker to gain access to confidential data. This enables a user to read proje...