3051 matches found
CVE-2026-56220
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...
CVE-2026-56778
CVE-2026-56778 (n8n) : Affected versions are n8n before 2.25.7 and 2.26.x before 2.26.2. The Public API execution retry endpoint authorizes with the workflow:read scope instead of workflow:execute, allowing an authenticated user with read-only access to a shared workflow to retry executions, bypa...
CVE-2026-56778 n8n - Authorization Bypass in Public API Execution Retry Endpoint
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...
EUVD-2026-42263
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...
CVE-2026-56776
CVE-2026-56776 affects n8n versions prior to 1.123.55, 2.25.7, and 2.26.2. The issue is an authorization bypass in POST /workflows/{workflowId}/test-runs/new where access is granted using workflow:read instead of workflow:execute, enabling an authenticated user with read-only access to trigger a ...
CVE-2026-56220 Capgo - Unauthorized Manifest Insertion via Read-Only Org Member
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...
EUVD-2026-42247
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...
CVE-2026-56220 Capgo - Unauthorized Manifest Insertion via Read-Only Org Member
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...
CVE-2026-56220
Capgo before version 12.128.2 contains an authorization bypass in the public.manifest INSERT policy that lets read-only org members insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3_path values, which are served to devices via th...
CVE-2026-60124
The CVE-2026-60124 in MISP concerns an authorization bypass in EventsController::importModule(). When an import module returns results in the misp_standard format, the write path failed to verify event modification rights, allowing authenticated users or read-only API keys with event view access ...
CVE-2026-60124 MISP importModule missing authorization allows read-only users to modify events via misp_standard imports
An authorization bypass in MISP’s EventsController::importModule allowed authenticated users or read-only API keys with event view access to persist data to events they were not allowed to modify. When an import module returned results in the mispstandard format, the write path did not verify eve...
CVE-2026-60124 MISP importModule missing authorization allows read-only users to modify events via misp_standard imports
An authorization bypass in MISP’s EventsController::importModule allowed authenticated users or read-only API keys with event view access to persist data to events they were not allowed to modify. When an import module returned results in the mispstandard format, the write path did not verify eve...
CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...
CVE-2026-55433
Coder: Devcontainer recreate endpoint lacked ActionUpdate authorization, allowing read-only workspace roles to trigger destructive rebuilds. Affected versions prior to 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusted by the endpoint; fix adds ActionUpdate check before dialing the agent, mirroring the d...
CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...
CVE-2026-59709
Ghostfolio's PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint fails to verify Access.permissions field when processing the Impersonation-Id header, allowing read-only access grantees to modify portfolio holding tags. Attackers with valid read-only share tokens can assign or remove...
EUVD-2026-42046
Ghostfolio's PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint fails to verify Access.permissions field when processing the Impersonation-Id header, allowing read-only access grantees to modify portfolio holding tags. Attackers with valid read-only share tokens can assign or remove...
CVE-2026-59709
Ghostfolio CVE-2026-59709 affects the PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint. The root cause is a missing verification of Access.permissions when processing the Impersonation-Id header, allowing read-only access grantees to modify portfolio holding tags. Attackers with va...
CVE-2026-59709 Ghostfolio - Unauthorized Portfolio Holding Tag Modification via Missing Permission Check
Ghostfolio's PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint fails to verify Access.permissions field when processing the Impersonation-Id header, allowing read-only access grantees to modify portfolio holding tags. Attackers with valid read-only share tokens can assign or remove...
CVE-2026-59709
Ghostfolio's PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint fails to verify Access.permissions field when processing the Impersonation-Id header, allowing read-only access grantees to modify portfolio holding tags. Attackers with valid read-only share tokens can assign or remove...