135 matches found

NVD
added 3 days ago, 10 views

CVE-2026-56781

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...

CVSS 6.9, EPSS 0.00231
Exploits: 0, References: 4
Vulnrichment
added 3 days ago, 6 views

CVE-2026-56781 Teable - Unauthenticated Hidden Field Disclosure via Projection Parameter Override

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...

CVSS 6.9, AI score 5.9, EPSS 0.00231
Exploits: 0, References: 4
Cvelist
added 3 days ago, 32 views

CVE-2026-56781 Teable - Unauthenticated Hidden Field Disclosure via Projection Parameter Override

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...

CVSS 6.9, EPSS 0.00231
Exploits: 0, References: 4
EUVD
added 3 days ago, 6 views

EUVD-2026-40157

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...

CVSS 6.9, AI score 5.9, EPSS 0.00231
Exploits: 0, References: 4
CVE
added 3 days ago, 6 views

CVE-2026-56781

The CVE-2026-56781 entry details an improper access control in Teable prior to 2026-06-15T04-43-24Z.1912 where anonymous attackers can access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs...

CVSS 6.9, AI score 5.9, EPSS 0.00231
Exploits: 0, References: 4
RedhatCVE
added 2026/06/05 7:37 p.m., 10 views

CVE-2026-41969

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, AI score 5.4, EPSS 0.00096
Exploits: 0, References: 1
RedhatCVE
added 2026/06/05 7:30 p.m., 12 views

CVE-2026-33888

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the getRestQuery method of the @apostrophecms/piece-type module, where the method checks whether a MongoDB projection has already been set before applying...

CVSS 5.3, AI score 5.3, EPSS 0.00512
Exploits: 1, References: 1
RedhatCVE
added 2026/06/05 7:26 p.m., 9 views

CVE-2026-39857

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the choices and counts query parameters of the REST API, where these query builders execute MongoDB distinct operations that bypass the publicApiProjection...

CVSS 5.3, AI score 5.6, EPSS 0.00435
Exploits: 1, References: 1
Packet Storm News
added 2026/05/28 12:00 a.m., 10 views

Token-Level Generalization in LoRA Adapter Backdoors: Attack Characterization and Behavioral Detection

We show that LoRA adapters, the dominant distribution format for fine-tuned LLMs, can be reliably backdoored through training data poisoning while preserving baseline task performance. On a Qwen 2.5 1.5B prompt-injection classifier, a small fraction of poisoned examples drives a...

AI score 5.8
Exploits: 0
Packet Storm News
added 2026/05/17 12:00 a.m., 9 views

Ablating Safety: Mechanisms for Removing Alignment in Language Models for Security Applications

Safety-aligned language models often refuse cybersecurity requests whose wording resembles misuse, even when the task is authorized and defensive. This makes security evaluation ambiguous: a failed answer may reflect missing capability or refusal-policy intervention. Ablating Safety studies...

AI score 5.8
Exploits: 0
NVD
added 2026/05/15 10:16 a.m., 17 views

CVE-2026-41969

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, EPSS 0.00096
Exploits: 0, References: 1
Vulnrichment
added 2026/05/15 9:31 a.m., 9 views

CVE-2026-41969

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 1
Cvelist
added 2026/05/15 9:31 a.m., 48 views

CVE-2026-41969

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, EPSS 0.00096
Exploits: 0, References: 1
EUVD
added 2026/05/15 9:31 a.m., 14 views

EUVD-2026-30531

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 1
CVE
added 2026/05/15 9:31 a.m., 22 views

CVE-2026-41969

Technical details about CVE-2026-41969 are not publicly available in the provided documents. Monitor for updates from official sources.

CVSS 6.2, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/15 9:31 a.m., 6 views

CVE-2026-41969

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 2, Affected Software: 2
Positive Technologies
added 2026/05/15 12:00 a.m., 13 views

PT-2026-41290

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.2, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 2
RustSec
added 2026/05/01 12:00 p.m., 6 views

Fragile bounds check when sampling from image

A bounds check was performed in floating point before a cast to the index passed to an unchecked access function. This check considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

AI score 5.9
Exploits: 0, Affected Software: 1
Packet Storm News
added 2026/04/23 12:00 a.m., 6 views

Risk Models As Mediating Artifacts: A Postphenomenological Analysis of the CIIM Framework in Cybersecurity Practice

This article applies postphenomenological theory to the field of cybersecurity risk management, arguing that formal risk models function as mediating artifacts that shape how security practitioners or analysts perceive, interpret, and act on threats. Based on Don Ihde's taxonomy on human-technolo...

AI score 5.3
Exploits: 0
EUVD
added 2026/04/16 8:45 p.m., 6 views

EUVD-2026-23108

ApostropheCMS: Information Disclosure via choices/counts Query Parameters Bypassing publicApiProjection Field Restrictions...

CVSS 5.3, AI score 5.8, EPSS 0.00435
Exploits: 1, References: 3