Lucene search
K

5 matches found

OSV
OSV
added 2026/01/29 8:36 a.m.5 views

BIT-APPSMITH-2026-24042 Appsmith public apps can execute unpublished actions (viewMode confusion)

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...

9.8CVSS6.2AI score0.00579EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/23 6:19 a.m.14 views

CVE-2026-24042

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...

9.8CVSS5.9AI score0.00579EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 4:16 a.m.7 views

CVE-2026-24042

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...

9.8CVSS0.00579EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 3:52 a.m.20 views

CVE-2026-24042 Appsmith public apps can execute unpublished actions (viewMode confusion)

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished edit-mode actions by sending viewMode=false or omitting it to POST /api/v1/actions/execute. This bypasses the...

9.4CVSS0.00579EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-3916

Name of the Vulnerable Software and Affected Versions Appsmith versions 1.94 and below Description Appsmith is a platform used to build admin panels, internal tools, and dashboards. Publicly accessible applications in affected versions allow unauthenticated users to execute unpublished actions...

9.4CVSS5.7AI score0.00579EPSS
Exploits0References14
Rows per page
Query Builder