538 matches found
CVE-2026-63085 Axelor Open Platform 8.x < 8.2.2 Authorization Bypass via Nested Relational Record Persistence
Axelor Open Platform versions 8.x prior to 8.2.2 contains an authorization bypass vulnerability that allows authenticated non-admin users to escalate privileges by exploiting unenforced field restrictions on nested relational save operations. Attackers can modify sensitive User record fields such...
CVE-2026-63085
Axelor Open Platform 8.x prior to 8.2.2 contains an authorization bypass vulnerability. Authenticated non-admins can escalate privileges by exploiting unenforced field restrictions on nested relational save operations, enabling modification of sensitive User fields (roles, groups) through a relat...
PT-2026-52093
🚨 CVE-2026-45688 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the client-supplied options.cas.credentialToken value straight into a MongoDB findOn...
Improper Neutralization of Special Elements in Data Query Logic
Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the enrichContext process. An attacker can access and modify all documents in connected NoSQL databases by injecting crafted...
NoSQL Injection
Spring Data MongoDB is vulnerable to NoSQL Injection. The vulnerability is due to insufficient validation of parameters bound to regular expressions in @Query-annotated repository methods, where attacker-controlled input can break out of the intended regex quoting e.g., ^\Q?0\E$ and manipulate...
CVE-2026-41697
A flaw was found in Spring Data Relational. This vulnerability allows a remote attacker to perform boolean-based blind data inference by supplying wildcard characters in externally-controlled input when using StringMatcher in Query By Example QBE. This can lead to the disclosure of sensitive...
EUVD-2026-35893
Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...
CVE-2026-41697
Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...
VMware Spring Data Relational 安全漏洞
VMware Spring Data Relational is a relational database access framework developed by VMware, Inc. There is a security vulnerability in VMware Spring Data Relational, which stems from the improper escaping of external control inputs when using StringMatcher in Query By Example. Attackers can use...
CVE-2026-41697 Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern
Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...
CVE-2026-41697 Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern
Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...
CVE-2026-41697
CVE-2026-41697 affects Spring Data Relational/JDBC/R2DBC across multiple versions (4.0.0–4.0.5; 3.5.0–3.5.11; 3.4.0–3.4.14; 3.3.0–3.3.16; 3.2.0–3.2.15; 3.1.0–3.1.14; 3.0.0–3.0.15; 2.4.0–2.4.19). The root cause is improper escaping of binding values for StringMatcher (STARTING, ENDING, CONTAINING)...
PT-2026-48313
Name of the Vulnerable Software and Affected Versions Spring Data Relational/JDBC/R2DBC versions 4.0.0 through 4.0.5 Spring Data Relational/JDBC/R2DBC versions 3.5.0 through 3.5.11 Spring Data Relational/JDBC/R2DBC versions 3.4.0 through 3.4.14 Spring Data Relational/JDBC/R2DBC versions 3.3.0...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via Query By Example QBE StringMatcher handling. An attacker can perform boolean-based blind data inference by supplying wildcard characters in externally controlled input used to populate a QBE probe. When...
cve-2026-41697 - MEDIUM - Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern
cve-2026-41697 - MEDIUM - Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi
CVE-2026-27886 Strapi PoC For authorized security testing o...
net: rds: fix MR cleanup on copy error
...
Important: kernel-livepatch-6.1.168-203.330
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.1.168-203.330 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
CVE-2026-40102
Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...
PT-2026-42269
Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...