Lucene search
K

75 matches found

Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57554

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description Insufficient verification during the email change process allows an attacker with access to a valid session cookie or an authenticated browser to change the account email address. This occurs becaus...

8.4CVSS6.1AI score0.00244EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-57270

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.2 Description An issue exists in the IT asset and license management system where the endpoints 'PATCH /api/v1/maintenances/maintenance id' and 'PUT /api/v1/maintenances/maintenance id' fail to re-authorize asset...

7.7CVSS6.1AI score0.00218EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:10 p.m.6 views

CVE-2026-56774

Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authenticated users to delete other users' Remember Me sessions. Attackers can enumerate sequential session...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 8:16 p.m.12 views

CVE-2026-11931

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions 0644 instead of owner-restricted permissions 0600. To remediate this issue, users should upgrade t...

6.8CVSS0.00115EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/15 6:33 p.m.35 views

CVE-2026-11931 Insecure Permissions on Authentication Token Cache File in Kiro IDE

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions 0644 instead of owner-restricted permissions 0600. To remediate this issue, users should upgrade t...

6.8CVSS0.00115EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 6:33 p.m.91 views

CVE-2026-11931

CVE-2026-11931 affects Kiro IDE on macOS and Linux prior to version 0.11.133, where the authentication token cache file could be world-readable (0644) instead of owner-restricted (0600). This may allow other local users/processes to access cached tokens. Remediation: upgrade to Kiro IDE 0.11.133 ...

6.8CVSS5.3AI score0.00115EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 3:42 p.m.13 views

EUVD-2026-36496

Cap-go prior to 12.128.2 contains an account takeover vulnerability in its email change mechanism that allows an attacker with temporary authenticated session access to change the registered email address without re-authentication such as password or MFA verification. Attackers can redirect...

7.6CVSS5.3AI score0.00267EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.29 views

PT-2026-48934

Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An account takeover issue exists in the email change mechanism. An attacker with temporary authenticated session access can change the registered email address without requiring re-authentication,...

7.6CVSS5.3AI score0.00267EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.8 views

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

5.8AI score0.00136EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 5:48 p.m.11 views

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the OAuth reauthentication for stale sessions. An attacker can perform unauthorized account actions by completing OAuth verification with their own identity in a stale, authenticated victi...

7.6CVSS5.8AI score0.00035EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/22 5:48 p.m.12 views

Always-Incorrect Control Flow Implementation

Overview Flask-Security is a Simple security for Flask apps. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the OAuth reauthentication for stale sessions. An attacker can perform unauthorized account actions by completing OAuth verification wit...

7.6CVSS5.8AI score0.00035EPSS
Exploits0References2
OSV
OSV
added 2026/05/22 5:48 p.m.5 views

GHSA-97R5-PG8X-P63P Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

5.8AI score0.00035EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/22 5:48 p.m.18 views

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

5.8AI score0.00035EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/22 12:31 a.m.10 views

EUVD-2026-31362

Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo::update without field whitelisting resulting in password change without requiring the current...

5.3CVSS5.8AI score0.00182EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/22 12:0 a.m.10 views

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth identity...

5.8AI score0.00035EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42564

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.0 Description The user-profile edit controller passes the entire raw POST array to the UserInfo::update function without field whitelisting. This allows registered users to change passwords without providing...

5.3CVSS5.8AI score0.00182EPSS
Exploits0References4
OSV
OSV
added 2026/05/15 3:44 p.m.23 views

CLSA-2026-1778859875 samba: Fix of CVE-2025-0620

Fix CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session...

4.9CVSS5.8AI score0.00595EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.15 views

PT-2026-43462

Name of the Vulnerable Software and Affected Versions AVideo versions 29.0 and earlier Description A cross-site request forgery CSRF issue exists in the 2FA toggle functionality. The endpoint "plugin/LoginControl/set.json.php" accepts POST requests with the parameters type=set2FA and value=false ...

5.7CVSS5.8AI score0.0011EPSS
Exploits0References4
NVD
NVD
added 2026/05/11 6:16 p.m.20 views

CVE-2026-43640

Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session...

8.6CVSS0.00504EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/11 5:14 p.m.7 views

CVE-2026-43640 Bitwarden Server < 2026.4.1 Authentication Bypass via SCIM API Key

Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session...

8.6CVSS5.8AI score0.00504EPSS
Exploits1References5
Rows per page
Query Builder