Lucene search
K

83 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42314

AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails...

7.1CVSS6AI score0.00238EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-49296 Apache Airflow: Per-DAG read bypass discloses co-located DAGs' source via GET /api/v2/dagSources/{dag_id}

Before apache-airflow 3.3.0, a user authorized to read one Dag could disclose the source of other Dags co-located in the same source file. GET /api/v2/dagSources/dagid — and the equivalent Dag-source view in the UI — returned the entire source file without redacting Dags the caller was not...

0.00601EPSS
Exploits0References2
CVE
CVE
added 6 days ago15 views

CVE-2026-49296

CVE-2026-49296 (Apache Airflow) : Affected versions before 3.3.0 expose the full source of co-located DAGs when reading a single DAG via GET /api/v2/dagSources/{dag_id} or the UI view, bypassing per-DAG read controls. This can disclose multiple DAG sources from the same file to authorized readers...

6.5CVSS5.9AI score0.00601EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/26 7:59 p.m.42 views

CVE-2026-55189 RustFS: FTP frontend skips IAM authorization on object reads

RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage backend without ever calling the IAM authorization function that the FTP write/list handlers and t...

7.7CVSS0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 6:43 p.m.7 views

GO-2026-5337 Kyverno: Cross-Namespace Read Bypasses RBAC Isolation (CVE-2026-22039 Incomplete Fix) in github.com/kyverno/kyverno

Kyverno: Cross-Namespace Read Bypasses RBAC Isolation CVE-2026-22039 Incomplete Fix in github.com/kyverno/kyverno...

7.7CVSS5.8AI score0.00516EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/06/23 5:19 p.m.36 views

CVE-2026-49406 Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode nodeModulesDir: "manual", the module resolver did not validate that a package's resolved entrypoint stayed within its nodemodules// directory. A malicious package.json whose main field...

5.5CVSS0.00135EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/01 7:53 a.m.37 views

CVE-2026-41014 Apache Airflow: per-DAG RBAC bypass on /ui/partitioned_dag_runs endpoints

The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...

0.00352EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/07 3:21 a.m.15 views

etcd RBAC bypass allows unauthorized data access via PrevKv/lease attachment in nested transaction Put requests

Impact What kind of vulnerability is it? Who is impacted? A vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may b...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/04/20 4:15 p.m.5 views

SUSE-SU-2026:1497-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds checks in the...

8.1CVSS6AI score0.00475EPSS
Exploits0References43
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.6 views

RockyLinux 9 : nodejs:24 (RLSA-2026:7350)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7350 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547...

9.8CVSS6.7AI score0.26356EPSS
Exploits1References37
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.10 views

SUSE SLED15: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2026:1202-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1202-1 advisory. - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. -...

9.8CVSS7.5AI score0.00475EPSS
Exploits0References69
CVE
CVE
added 2026/04/02 4:20 p.m.8 views

CVE-2026-35038

CVE-2026-35038 affects Signal K Server (prior to v2.24.0). Affected component: prototype boundary filtering in the global prototype object accessed via the from field, allowing a low-privileged authenticated user to bypass filtering and read internal functions/properties, violating data isolation...

6.5CVSS5.9AI score0.00308EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/25 9:17 p.m.4 views

Vikjuna: IDOR in Task Attachment ReadOne Allows Cross-Project File Access and Deletion

Summary TaskAttachment.ReadOne queries attachments by ID only WHERE id = ?, ignoring the task ID from the URL path. The permission check in CanRead validates access to the task specified in the URL, but ReadOne loads a different attachment that may belong to a task in another project. This allows...

8.1CVSS5.9AI score0.00265EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/02/17 9:33 a.m.5 views

nodejs: Nodejs file permissions bypass

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS5.9AI score0.01633EPSS
Exploits2References5
OSV
OSV
added 2026/02/10 5:47 p.m.8 views

CVE-2026-25992 SiYuan has a File Read Interface Case Bypass Vulnerability

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...

7.5CVSS5.5AI score0.00505EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/10 5:47 p.m.3 views

CVE-2026-25992 SiYuan has a File Read Interface Case Bypass Vulnerability

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...

7.5CVSS5.5AI score0.00505EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/10 5:47 p.m.28 views

CVE-2026-25992 SiYuan has a File Read Interface Case Bypass Vulnerability

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...

7.5CVSS0.00505EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 5:56 p.m.7 views

GHSA-QQ26-84MH-26J9 Deno's --deny-read check does not prevent permission bypass

Summary Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explicit read access to the script is executed with --deny-read=./ Similar APIs like Deno.stat a...

3.3CVSS6.7AI score0.00182EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/10/08 12:49 a.m.1 views

CVE-2025-61786 Deno's --deny-read check does not prevent permission bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3CVSS6.2AI score0.00182EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/08 12:49 a.m.8 views

EUVD-2025-33180

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3CVSS6AI score0.00182EPSS
Exploits1References6
Rows per page
Query Builder