
8 matches found

NVD
added 2 days ago, 8 views

CVE-2026-25119

Gogs is an open source self-hosted Git service. Prior to 0.14.3, when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, Gogs accepts the configured authentication header (default: X-WEBAUTH-USER) directly from client requests without validating that the request originated from a trusted reverse proxy. A...

CVSS: 8.7 | EPSS: 0.00864
Exploits: 0 | References: 4

ATTACKERKB
added 2 days ago, 4 views

CVE-2026-25119

Gogs is an open source self-hosted Git service. Prior to 0.14.3, when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, Gogs accepts the configured authentication header (default: X-WEBAUTH-USER) directly from client requests without validating that the request originated from a trusted reverse proxy. A...

CVSS: 8.7 | AI score: 6 | EPSS: 0.00864
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 4 days ago, 12 views

PT-2026-51429

Name of the Vulnerable Software and Affected Versions: Gogs versions prior to 0.14.3. Description: When ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, Gogs accepts the configured authentication header (default: X-WEBAUTH-USER) directly from client requests without validating that the request originat...

CVSS: 8.7 | AI score: 6 | EPSS: 0.00864
Exploits: 0 | References: 7

NCSC
added 2026/05/29 7:8 p.m., 13 views

The vulnerability was concealed in Starlette

There is a vulnerability in Starlette, a Python library for developing web services. Starlette is used by various products, including FastAPI. An unauthorized malicious actor can exploit this vulnerability to bypass authentication checks. This allows the malicious actor to access protected URL...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.01384
Exploits: 2 | References: 2

CNNVD
added 2026/01/08 12:0 a.m., 5 views

Kanboard Security Vulnerability

Kanboard is an open source visual task board application. The software can customize boards according to business needs. A security vulnerability exists in Kanboard 1.2.48 and earlier versions that stems from an authentication bypass when REVERSE_PROXY_AUTH is...

CVSS: 9.1 | AI score: 6.6 | EPSS: 0.00433
Exploits: 2 | References: 3

Tenable Nessus
added 2026/01/08 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-21881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are vulnerable to a critical authentication bypass when...

CVSS: 9.1 | AI score: 7 | EPSS: 0.00433
Exploits: 2 | References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m., 3 views

TencentOS Server 3: mod_auth_mellon (TSSA-2022:0100)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0100 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS: 8.1 | AI score: 6.9 | EPSS: 0.02969
Exploits: 1 | References: 4

CNNVD
added 2022/11/15 12:0 a.m., 4 views

Jenkins Plugin Reverse Proxy Auth Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.00649
Exploits: 0 | References: 6