180 matches found
Blinko <= 1.8.3 - User Information Leak
Blinko = 1.8.4 contains an information disclosure caused by a publicly accessible endpoint exposing user information including usernames, roles, and account creation dates, letting remote attackers access sensitive user data, exploit requires no special privileges. id: CVE-2026-23486 info: name:...
CVE-2026-59708 Ghostfolio - Unauthorized Portfolio Data Exposure via Public Endpoint
The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs without validating granteeUserId filtering, allowing unauthenticated access to full portfolio data. Attackers with a private access ID can retrieve sensitive portfolio information including holdings,...
CVE-2026-59708 Ghostfolio - Unauthorized Portfolio Data Exposure via Public Endpoint
The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs without validating granteeUserId filtering, allowing unauthenticated access to full portfolio data. Attackers with a private access ID can retrieve sensitive portfolio information including holdings,...
CVE-2026-59708
Ghostfolio suffers an unauthorized data exposure via GET /api/v1/public/:accessId/portfolio. The endpoint accepts private access IDs without granteeUserId filtering, enabling unauthenticated retrieval of full portfolio data (holdings, quantities, buy prices, performance metrics). Impact is confid...
CVE-2026-59708 Ghostfolio - Unauthorized Portfolio Data Exposure via Public Endpoint
The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs without validating granteeUserId filtering, allowing unauthenticated access to full portfolio data. Attackers with a private access ID can retrieve sensitive portfolio information including holdings,...
CVE-2026-50132
Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint no auth required that performs a permanent, state-changing operation: it binds an external chat identity Slack/Discord/MS Teams to an authenticated Budibase user accoun...
CVE-2026-50132 Budibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in Budibase
Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint no auth required that performs a permanent, state-changing operation: it binds an external chat identity Slack/Discord/MS Teams to an authenticated Budibase user accoun...
CVE-2026-50132
Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint no auth required that performs a permanent, state-changing operation: it binds an external chat identity Slack/Discord/MS Teams to an authenticated Budibase user accoun...
CVE-2026-50132
Summary (CVE-2026-50132) Budibase exposes a public GET endpoint GET /api/chat-links/:instance/:token/handoff that, before version 3.39.0, can silently link an attacker’s external chat identity (Slack/Discord/MS Teams) to a victim’s Budibase account without consent or CSRF protection. The flow: an...
CVE-2026-9172
The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to unauthorized modification/deletion of data due to a missing capability check on the deletesingleaccount function in versions up to, and including, 1.2.0. The REST route...
CVE-2026-9172
The Devs Accounting – Simple Accounting and Invoicing Solution plugin for WordPress is vulnerable to unauthorized modification/deletion of data due to a missing capability check on the deletesingleaccount function in versions up to, and including, 1.2.0. The REST route...
CVE-2026-9172
WordPress plugin Devs Accounting – Simple Accounting and Invoicing Solution (versions up to 1.2.0) is vulnerable to unauthorized modification/deletion of data due to a missing capability check in delete_single_account(), with the REST route devs-accounting/v1/delete-account/(?P\d+) registered wit...
PT-2026-51690
Name of the Vulnerable Software and Affected Versions Devs Accounting – Simple Accounting and Invoicing Solution versions prior to 1.2.1 Description A missing capability check in the delete single account function allows unauthorized modification or deletion of data. The REST route...
CVE-2026-56248
Cap-go capgo capgo-backend before 12.128.12 contains an unauthenticated denial-of-service vulnerability arising from the auditlogs table's Row-Level Security RLS policy when accessed via the Supabase PostgREST API. Because the PostgreSQL query planner executes costly logic before RLS rejection,...
Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override
Summary The webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution parameters. A mass assignment vulnerability in externalTrigger allows an attacker to overwrite the internal appId property by including it in the webhook POST...
CVE-2026-56311
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.getcurrentplanmaxorg RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan limits. Attackers can call the RPC endpoint with any organization UUID using only the public Supabase...
UBUNTU-CVE-2026-42127
The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access tok...
CVE-2026-42127 Pre-authentication denial of service in the public dashboard query endpoint
The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access tok...
PT-2026-51452
Name of the Vulnerable Software and Affected Versions Budibase versions 3.37.2 through 3.38.x Description Budibase contains an issue where the GET /api/chat-links/:instance/:token/handoff endpoint is public and lacks authentication and Cross-Site Request Forgery CSRF protection. This allows an...
CVE-2026-8386 WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Marker ID
The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that an administrator has not yet approved for public display, including any PII placed in the address...