Lucene search
K

207 matches found

EUVD
EUVD
added 2026/04/20 9:30 a.m.4 views

EUVD-2026-23791

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function deleteagent/stopschedule/getscheduledata of the file superagi/controllers/agent.py. The manipulation of the argument agentid leads to authorization bypass. The attack is possible to be carried out...

6.5CVSS6.2AI score0.00216EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/20 6:45 a.m.31 views

CVE-2026-6614 TransformerOptimus SuperAGI project.py get_projects_organisation authorization

A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function getproject/updateproject/getprojectsorganisation of the file superagi/controllers/project.py. The manipulation results in authorization bypass. The attack may be perform...

6.5CVSS0.00216EPSS
Exploits0References4
NVD
NVD
added 2026/04/20 6:16 a.m.7 views

CVE-2026-6609

A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function formvalid of the file oauth/views.py. This manipulation of the argument oauthid causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used...

6.5CVSS0.00206EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 12:30 a.m.9 views

EUVD-2026-23726

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS5.3AI score0.0027EPSS
Exploits0References5
NVD
NVD
added 2026/04/19 11:16 p.m.14 views

CVE-2026-6583

A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function deleteapikey/editapikey of the file superagi/controllers/apikey.py of the component API Key Management Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carri...

5.5CVSS0.003EPSS
Exploits0References4
NVD
NVD
added 2026/04/19 10:16 a.m.8 views

CVE-2026-6564

A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch the attack remotely. The exploit has been made public and could be used. The...

5.3CVSS0.00334EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/19 12:0 a.m.6 views

PT-2026-33625

A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch the attack remotely. The exploit has been made public and could be used. The...

5.3CVSS5.3AI score0.00334EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/09 6:30 a.m.8 views

decolua 9router vulnerable to authorization bypass

A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carried out remotely. The exploit has...

7.5CVSS6.5AI score0.00313EPSS
Exploits0References10Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 4:30 a.m.1 views

CVE-2026-5842

A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carried out remotely. The exploit has...

7.5CVSS6.5AI score0.00313EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 4:30 a.m.8 views

CVE-2026-5842 decolua 9router Administrative API Endpoint api authorization

A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carried out remotely. The exploit has...

7.5CVSS5.2AI score0.00313EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/04/07 10:51 a.m.3 views

CVE-2026-5642

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It ...

7.5CVSS5.6AI score0.00284EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 12:31 p.m.8 views

EUVD-2026-18188

A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manageuser of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be executed remotely...

6.9CVSS5.7AI score0.00404EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/02 9:45 a.m.2 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

6.3CVSS5.5AI score0.00622EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:27 p.m.1 views

CVE-2026-4990

A security vulnerability has been detected in chatwoot up to 4.11.1. The affected element is an unknown function of the file /app/login of the component Signup Endpoint. Such manipulation of the argument signupEnabled with the input true leads to improper authorization. The attack can be executed...

7.5CVSS5.5AI score0.0035EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.3 views

CVE-2026-4617

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...

7.5CVSS6.7AI score0.00348EPSS
Exploits0References1
NVD
NVD
added 2026/03/24 1:17 a.m.8 views

CVE-2026-4617

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...

7.5CVSS0.00348EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/24 12:52 a.m.8 views

EUVD-2026-14674

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...

7.5CVSS5.5AI score0.00348EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.15 views

PT-2026-27284

Name of the Vulnerable Software and Affected Versions SourceCodester Patients Waiting Area Queue Management System version 1.0 Description A flaw exists in the Patient Check-In Module of the software, specifically within the ValidateToken function located in the /php/api patient checkin.php file...

7.5CVSS7.1AI score0.00348EPSS
Exploits0References9
NVD
NVD
added 2026/03/23 12:16 a.m.7 views

CVE-2026-4563

A weakness has been identified in MacCMS up to 2025.1000.4052. This vulnerability affects the function orderinfo of the file application/index/controller/User.php of the component Member Order Detail Interface. This manipulation of the argument orderid causes authorization bypass. It is possible ...

5.3CVSS0.00291EPSS
Exploits0References4
OSV
OSV
added 2026/03/09 12:16 p.m.5 views

CVE-2026-3817

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may ...

5.3CVSS5.6AI score0.00506EPSS
Exploits1References5
Rows per page
Query Builder