CVE-2026-8074 Improper Permission Check Allows User Manager to Deactivate Bot Accounts

Mattermost versions 11.7.x = 11.7.0, 10.11.x = 10.11.17 fail to enforce bot-specific permission checks on the user active status endpoint, which allows a User Manager with user management write access but no Integrations access to deactivate bot accounts via the PUT /api/v4/users/id/active API...

CVE-2026-56276

Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password has...

PT-2026-51151

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the 'PUT /api/v1/user' endpoint. This allows authenticated users to modify the credential field without proper validation. By providing a crafted password hash, an...

CVE-2026-46518

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...

CVE-2026-4286 Playbooks Plugin fails to validate team transfers, allowing unauthorized removal of member access via playbook update

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to check if teamid was being changed when updating playbooks, allowing users with only Manage Playbook Configurations permission to change a playbook's team, bypassing manage members restriction via PUT api. Mattermost Advisory ID:...

PT-2026-41653

Name of the Vulnerable Software and Affected Versions Mattermost versions 11.5.0 through 11.5.1 Mattermost versions 10.11.0 through 10.11.13 Description An issue exists where the system fails to verify if the team id is modified during playbook updates. This allows users possessing only the Manag...

CVE-2026-34762

Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, the PUT /api/v1/subscriber/imsi API accepts an IMSI identifier from both the URL path and the JSON request body but never verifies they match. This allows an authenticated NetworkManager to modify any subscriber's polic...

PT-2024-18651 · Zenml Io · Zenml

Name of the Vulnerable Software and Affected Versions: zenml-io/zenml version 0.55.3 Description: An improper authorization issue exists in the zenml-io/zenml repository, specifically within the API "PUT /api/v1/users/id" endpoint. This issue allows any authenticated user to modify the informatio...

OpenMetadata vulnerable to a SpEL Injection in `PUT /api/v1/events/subscriptions` (`GHSL-2023-251`)

SpEL Injection in PUT /api/v1/events/subscriptions GHSL-2023-251 Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able to access these APIs to exploit the vulnerability. A user must exist in OpenMetadata and have...