CVE-2026-27886

Strapi is an open source headless content management system. Strapi versions starting in 4.0.0 and prior to 5.37.0 did not sufficiently sanitize query parameters when filtering content via relational fields. An unauthenticated attacker could use the where query parameter on any publicly-accessibl...

CVE-2026-24467

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable...

CVE-2026-45701

Sulu CMS prior to versions 2.6.23 and 3.0.6 uses a weak cryptographic hash for password reset tokens and API key generation, as documented across CVE-2026-45701 disclosures. The vulnerability originates in the affected components (User.php and ResettingController.php) within the SecurityBundle, l...

EUVD-2026-33664

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6...

CVE-2026-45701 Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6...

CVE-2026-45701 Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6...

Sulu encryption issue vulnerabilities

Sulu is a scalable Symfony framework based on PHP, developed by the Austrian company Sulu. Versions prior to Sulu 2.6.23 and 3.0.6 contained a security vulnerability related to encryption. This vulnerability stemmed from the use of weak encryption hash algorithms for generating password reset...

Malicious code in @zaamx/netme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ff8cae34ceeb5f691ca4c4f92fbe10d0bc4e6b9eddf081e7c99ab1ee6193c98 This Medusa plugin hardcodes outbound POST requests to https://n8n.lidxi.com/webhook/ in multiple subscribers and admin routes, with no configuration...

GHSA-7FV8-6PP7-6H85 Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens

Impact The password reset tokenand API key generation uses a weak cryptographical hash algorithm. Patches Fixed in 2.6.23 and 3.0.6 version. Workarounds Patch the related User.php and ResettingController.php file in the SecurityBundle...

CVE-2026-27886

CVE-2026-27886 affects Strapi (open source headless CMS). Versions prior to 5.37.0 (from 4.0.0 onward) fail to sufficiently sanitize query parameters when filtering via relational fields. An unauthenticated attacker can use the public Content API’s where parameter on fields like updatedBy to perf...

Improper Neutralization of Special Elements in Data Query Logic

Overview @strapi/strapi is an updated version of the old 'strapi', which is a free and open-source headless CMS delivering your content anywhere you need. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic in the query parameter...

CVE-2026-40905

CVE-2026-40905 (LinkAce) relates to a password reset poisoning vulnerability in LinkAce prior to 2.5.4 caused by trusting the user-controlled X-Forwarded-Host header when generating password reset URLs. An attacker can manipulate this header during a reset request to inject a malicious domain int...

CVE-2026-24467

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable...

CVE-2026-24467

OpenAEV (versions 1.0.0 up to 2.0.12) suffers password reset token weaknesses that enable unauthenticated account takeover and platform compromise. The root cause is password reset tokens that never expire and are only 8 digits long, allowing token accumulation and rapid brute-forcing across mult...

CVE-2026-24467 OpenAEV's Improper Password Reset Token Management Leads to Unauthenticated Account Takeover and Platform Compromise

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable...

CVE-2026-24467

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable...

PT-2026-33787

Name of the Vulnerable Software and Affected Versions OpenAEV versions 1.0.0 through 2.0.12 Description The password reset implementation contains security weaknesses that allow for reliable account takeover. Password reset tokens do not expire and remain valid indefinitely, even after new tokens...

OpenAEV 安全漏洞

OpenAEV is an open-source personal planning platform under the OpenAEV Platform project. Versions of OpenAEV from 1.0.0 to 2.0.13 contained security vulnerabilities. This vulnerability stemmed from the fact that password reset tokens did not expire and had a length of only 8 bits. This allowed...

Authorizer: Password reset token theft and full auth token redirect via unvalidated redirect_uri

Hi, I found that 6 endpoints in Authorizer accept a user-controlled redirecturi and append sensitive tokens to it without validating the URL against AllowedOrigins. The OAuth /app handler validates redirecturi at httphandlers/app.go:46, but the GraphQL mutations and verifyemail handler skip...

Exploit for CVE-2024-36058

Koha Library Software CVE ID: CVE-2024-36058 Produ...