Lucene search
K

304 matches found

EUVD
EUVD
added 13 hours ago4 views

EUVD-2026-43298

A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch...

7.5CVSS6.6AI score
Exploits0References8
NVD
NVD
added 3 days ago6 views

CVE-2026-15320

A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. This vulnerability affects the function rt.ReloadConfig of the file pkg/channels/pico/pico.go. Performing a manipulation of the argument message.send results in missing authorization. It is possible to initiate the attack remotely. The...

5.5CVSS0.00234EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-15270 D-link DIR-823G Web boa.conf least privilege violation

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS0.00368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago9 views

CVE-2026-15270

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS6.4AI score0.00368EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/29 1:30 p.m.33 views

CVE-2026-13571 SourceCodester Simple Food Ordering System cart.php logic error

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument itemprice can lead to business logic errors. The attack may be performed from remote. The exploit has been published...

6.9CVSS0.00383EPSS
Exploits0References6
NVD
NVD
added 2026/06/21 3:16 a.m.20 views

CVE-2026-12772

A security flaw has been discovered in BerriAI litellm up to 1.82.2. This impacts the function authenticateuser of the file litellm/proxy/auth/loginutils.py of the component PROXYADMIN database API Key Generator. Performing a manipulation results in session expiration. The attack may be initiated...

6.5CVSS0.00262EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/21 3:15 a.m.10 views

EUVD-2026-38139

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/experimental/mcpserver/auth/userapikeyauthmcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched...

7.5CVSS6.7AI score0.00612EPSS
Exploits1References5
CVE
CVE
added 2026/06/21 2:0 a.m.46 views

CVE-2026-12772

CVE-2026-12772 affects BerriAI litellm up to 1.82.2, impacting the authenticate_user path in litellm/proxy/auth/login_utils.py for the PROXY_ADMIN database API Key Generator. Description indicates that manipulating input can cause session expiration and that the issue can be exploited remotely; e...

6.5CVSS6.2AI score0.00262EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/21 2:0 a.m.7 views

CVE-2026-12772

A security flaw has been discovered in BerriAI litellm up to 1.82.2. This impacts the function authenticateuser of the file litellm/proxy/auth/loginutils.py of the component PROXYADMIN database API Key Generator. Performing a manipulation results in session expiration. The attack may be initiated...

6.5CVSS6.2AI score0.00262EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/06/21 2:0 a.m.43 views

CVE-2026-12772 BerriAI litellm PROXY_ADMIN database API Key Generator login_utils.py authenticate_user session expiration

A security flaw has been discovered in BerriAI litellm up to 1.82.2. This impacts the function authenticateuser of the file litellm/proxy/auth/loginutils.py of the component PROXYADMIN database API Key Generator. Performing a manipulation results in session expiration. The attack may be initiated...

6.5CVSS0.00262EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.25 views

PT-2026-51196

Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description A security flaw exists in the PROXY ADMIN database API Key Generator component within the authenticate user function of the litellm/proxy/auth/login utils.py file. A remote attacker can...

6.5CVSS6.6AI score0.00262EPSS
Exploits1References12
NVD
NVD
added 2026/06/11 1:16 p.m.12 views

CVE-2026-11956

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

6.3CVSS0.00191EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.15 views

CVE-2026-11462

A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file plugins/Stripe/Controllers/StripeController.php of the component Stripe Plugin. Performing a manipulation of the argument Request results in improper...

7.5CVSS6.8AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 12:16 p.m.22 views

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS0.00197EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 10:15 a.m.6 views

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5.2AI score0.00197EPSS
Exploits0References7Affected Software8
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47293

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description An improper authorization issue exists in the Account Creation Handler component within the file '/Product Inventory/api/users handler.php'. A remote attacker can manipulate the ROLE...

6.5CVSS6.6AI score0.00261EPSS
Exploits0References8
CVE
CVE
added 2026/06/07 11:45 p.m.31 views

CVE-2026-11469

CVE-2026-11469 affects jishenghua jshERP up to version 3.6. The vulnerability is in the function insertPlatformConfig of PlatformConfigService.java (PlatformConfig Add Endpoint). A manipulation of the argument platformValue can cause server-side request forgery (SSRF). The attack can be performed...

5.8CVSS5.1AI score0.00232EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.12 views

CVE-2026-10624

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7723

A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication. The attack may be performed from remote. The exploit has been published and may be...

7.5CVSS6.4AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 4:16 p.m.13 views

CVE-2026-10815

A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknown processing of the file hostel/index.php of the component Admin Dashboard Page. The manipulation of the argument ID results in missing authorization...

6.5CVSS0.00209EPSS
Exploits0References6
Rows per page
Query Builder