Lucene search
K

145 matches found

CVE
CVE
added 2026/04/21 4:50 p.m.16 views

CVE-2026-40589

Product affected: FreeScout (self-hosted help desk). Vulnerability: Prior to 1.8.214, a low-privileged agent can edit a visible customer and assign an email owned by a hidden customer in another mailbox. The server reveals the hidden customer’s name and profile URL in the success flash, reassigns...

7.6CVSS5.7AI score0.00236EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/21 4:50 p.m.3 views

CVE-2026-40589

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer in another mailbox. The server discloses the hidden customer’s name and profile URL in the success...

7.6CVSS5.7AI score0.00236EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.214 contained security vulnerabilities. These vulnerabilities stemmed from low-privilege agents, which could edit visible...

7.6CVSS5.8AI score0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/16 1:10 a.m.2 views

CVE-2026-40504

Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravityvmexec function that allows attackers to write out-of-bounds memory by crafting scripts with many string literals at global scope. Attackers can exploit insufficient bounds checking in gravityfiberreassign t...

9.8CVSS6.6AI score0.0064EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.3 views

CVE-2026-3371

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.9.7. This is due to missing authorization checks in the savecoursecontentorder private method, which is called unconditionally by the...

4.3CVSS5.8AI score0.00358EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/31 11:58 p.m.4 views

WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field vulnerability

WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin = 3.15.5 - Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Post Author Reassignment via Avatar Field vulnerability discovered by type5afe in WordPress Plugin Profile...

4.3CVSS5.9AI score0.00171EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 11:18 a.m.1 views

CVE-2026-3139 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.15.5 via the wppbsaveavatarvalue function due to missing validation on a user controlled key...

4.3CVSS6AI score0.00171EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/31 11:18 a.m.30 views

CVE-2026-3139 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.15.5 via the wppbsaveavatarvalue function due to missing validation on a user controlled key...

4.3CVSS0.00171EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 4:27 p.m.3 views

CVE-2026-30239 OpenProject has a Permission Check bypass on Budget deletion allows reassignment of WorkPackages into other budgets

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when budgets are deleted, the work packages that were assigned to this budget need to be moved to a different budget. This action was performed before the permission check on the delete action was executed. Thi...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 4:27 p.m.12 views

CVE-2026-30239

OpenProject has a permission check bypass vulnerability in budget deletion prior to version 17.2.0. When budgets were deleted, all work packages assigned to the deleted budget could be reassigned or cleared because the check on the delete action executed after the reassignment operation, allowing...

7.1CVSS5.8AI score0.0019EPSS
Exploits0References1Affected Software1
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.2 views

Evaluating Generalization Mechanisms in Autonomous Cyber Attack Agents

Autonomous offensive agents often fail to transfer beyond the networks on which they are trained. We isolate a minimal but fundamental shift -- unseen host/subnet IP reassignment in an otherwise fixed enterprise scenario -- and evaluate attacker generalization in the NetSecGame environment. Agent...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/02 1:50 a.m.7 views

CVE-2026-28557

wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforosynchroles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then rema...

7.1CVSS6AI score0.00274EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/01 12:30 a.m.5 views

EUVD-2026-9106

wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforosynchroles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then rema...

7.1CVSS6AI score0.00274EPSS
Exploits0References4
NVD
NVD
added 2026/02/28 10:16 p.m.8 views

CVE-2026-28557

wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforosynchroles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then rema...

7.1CVSS0.00274EPSS
Exploits0References3
OSV
OSV
added 2026/02/28 10:16 p.m.3 views

CVE-2026-28557

wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforosynchroles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then rema...

6.5CVSS5.9AI score0.00274EPSS
Exploits0References3
CVE
CVE
added 2026/02/28 9:47 p.m.16 views

CVE-2026-28557

The vulnerability CVE-2026-28557 affects wpForo Forum 2.4.14, due to a missing capability check in the wpforo_synch_roles AJAX handler. Any authenticated user can access the usergroups admin page to obtain a nonce and bulk-remap all wpForo usergroups to arbitrary WordPress roles, enabling privile...

7.1CVSS6AI score0.00274EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/28 12:0 a.m.9 views

PT-2026-22478

Name of the Vulnerable Software and Affected Versions wpForo Forum version 2.4.14 Description An issue exists in wpForo Forum that allows authenticated users to perform bulk wpForo usergroup reassignment. This is possible due to a missing capability check in the wpforo synch roles AJAX handler. A...

7.1CVSS6AI score0.00274EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.5 views

CVE-2025-4521

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonatedonorprofile function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level...

8.8CVSS5.6AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.12 views

PT-2026-20624

Name of the Vulnerable Software and Affected Versions IDonate – Blood Donation, Request And Donor Management System plugin for WordPress versions 2.1.5 through 2.1.9 Description The IDonate plugin for WordPress has a flaw that allows unauthorized privilege escalation. Attackers with...

8.8CVSS5.2AI score0.00281EPSS
Exploits0References7
VulnCheck KEV
VulnCheck KEV
added 2026/01/30 12:0 a.m.83 views

VulnCheck KEV: CVE-2025-21756

In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...

7.8CVSS5.7AI score0.00844EPSS
In wildExploits3References2
Rows per page
Query Builder