243 matches found
CVE-2026-54307
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...
CVE-2026-54307 n8n: Credential Exfiltration via Permission Bypass
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...
CVE-2026-56235
Cap-go capgo before 12.128.2 contains an authorization bypass in several Supabase PostgREST RPC functions getappmetrics, getglobalmetrics, gettotalmetrics that are granted to the anon role without enforcing org membership or permission checks. An unauthenticated attacker using only the public...
EUVD-2026-38117
Cap-go capgo before 12.128.2 contains an authorization bypass in several Supabase PostgREST RPC functions getappmetrics, getglobalmetrics, gettotalmetrics that are granted to the anon role without enforcing org membership or permission checks. An unauthenticated attacker using only the public...
PT-2026-49184
The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that an administrator has not yet approved for public display, including any PII placed in the address...
Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign
Summary /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders builder.apps set but builder.global unset. The controller th...
PT-2026-49006
Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.30.1 Description A prototype pollution issue exists in the apos.util.set function, which traverses dot-notation paths without sanitizing the proto property. This allows an authenticated editor to write arbitra...
MAL-2026-5553 Malicious code in express-self-destruct (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0097503a7ecd7b5e3b97213de29b36d5e957a305f7829cc45f43aa5aa3da817 On npm install, the package's postinstall hook node scripts/inject.js walks up from the install directory to locate the consumer's project root and...
CVE-2026-33888
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the getRestQuery method of the @apostrophecms/piece-type module, where the method checks whether a MongoDB projection has already been set before applying...
RUSTSEC-2026-0157 Several memory corruption issues via safe APIs
Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...
PT-2026-48694
Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...
Security update for openexr
This update for openexr fixes the following issue CVE-2026-41142: integer overflow in ImageChannel: resize can lead to a heap out-of-bounds write via OpenEXRUtil public API bsc1264356. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
CVE-2026-46424
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...
CVE-2026-45332 Automad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint
Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...
CVE-2026-45332 Automad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint
Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcrypt password hash of every administrator account with a single POST request. The...
Automad 访问控制错误漏洞
Automad is a flat-file content management system and template engine developed by Marc Anton Dahmen. Versions of Automad from 2.0.0-alpha.1 to 2.0.0-beta.27 contain access control vulnerabilities. These vulnerabilities stem from ineffective access control mechanisms, allowing unauthorized attacke...
CVE-2026-48150
Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...
CVE-2026-46424
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...
CVE-2026-46424
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...
CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour
Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user...