26 matches found
CVE-2026-9617
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...
GHSA-9237-RG5P-RHFW @saltcorn/data: Tenant user role is used for tenant creation role check
Summary When a tenant admin is logged out of the root domain e.g., saltcorn.com but logged in to their own tenant space as admin, they can simply append /tenant/create to their tenant URL. The system reads the role from the tenant context admin, and a new tenant is created on the root domain in...
@saltcorn/data: Tenant user role is used for tenant creation role check
Summary When a tenant admin is logged out of the root domain e.g., saltcorn.com but logged in to their own tenant space as admin, they can simply append /tenant/create to their tenant URL. The system reads the role from the tenant context admin, and a new tenant is created on the root domain in...
CVE-2026-28696
Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, the GraphQL directive @parseRefs, intended to parse internal reference tags e.g., user:1:email, can be abused by both authenticated users and unauthenticated guests if a Public Schema is enabled to access sensitive...
CVE-2026-28696 Craft affected by IDOR via GraphQL @parseRefs
Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, the GraphQL directive @parseRefs, intended to parse internal reference tags e.g., user:1:email, can be abused by both authenticated users and unauthenticated guests if a Public Schema is enabled to access sensitive...
CVE-2026-28696 Craft affected by IDOR via GraphQL @parseRefs
Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, the GraphQL directive @parseRefs, intended to parse internal reference tags e.g., user:1:email, can be abused by both authenticated users and unauthenticated guests if a Public Schema is enabled to access sensitive...
CVE-2026-28696
Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, the GraphQL directive @parseRefs, intended to parse internal reference tags e.g., user:1:email, can be abused by both authenticated users and unauthenticated guests if a Public Schema is enabled to access sensitive...
CVE-2026-28696 Craft affected by IDOR via GraphQL @parseRefs
Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, the GraphQL directive @parseRefs, intended to parse internal reference tags e.g., user:1:email, can be abused by both authenticated users and unauthenticated guests if a Public Schema is enabled to access sensitive...
Missing Authorization
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization via the parseRefs directive. An attacker can access sensitive attributes of any element, including user emails, usernames, custom fields, and internal server paths, by...
Craft CMS has IDOR via GraphQL @parseRefs
The GraphQL directive @parseRefs, intended to parse internal reference tags e.g., user:1:email, can be abused by both authenticated users and unauthenticated guests if a Public Schema is enabled to access sensitive attributes of any element in the CMS. The implementation in Elements::parseRefs...
PT-2026-22948
Name of the Vulnerable Software and Affected Versions Craft versions prior to 4.17.0-beta.1 and versions prior to 5.9.0-beta.1 Description Craft is a content management system CMS that contains a flaw in the GraphQL directive @parseRefs. This directive, designed to parse internal reference tags,...
CVE-2026-2360
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
CVE-2026-2360
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
UBUNTU-CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2360
CVE-2026-2360 affects PostgreSQL Anonymizer. A vulnerability lets a user gain superuser privileges by creating a custom operator in the public schema, placing malicious code there, which is executed with superuser rights when the extension is created. Risk is higher on PostgreSQL 14 or when upgra...
CVE-2026-2360 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user to gain superuser privileges in PostgreSQL 14
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
CVE-2026-2360 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user to gain superuser privileges in PostgreSQL 14
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
CVE-2026-2360
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
PT-2026-7633
Name of the Vulnerable Software and Affected Versions PostgreSQL Anonymizer versions prior to 3.0.1 Description The software contains a flaw that could allow a user to obtain superuser privileges. This is achieved by creating a custom operator within the public schema and embedding malicious code...
VulnCheck KEV: CVE-2025-53364
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Starting in 5.3.0 and before 7.5.3 and 8.2.2, the Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While sche...