Lucene search
K

344 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-59828

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS0.00314EPSS
Exploits0References9
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-59828 Discourse: Hidden post revisions leak through adjacent visible diffs

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS0.00314EPSS
Exploits0References9
CVE
CVE
added 5 days ago10 views

CVE-2026-59828

CVE-2026-59828 affects the Discourse open‑source discussion platform. Before versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This could di...

5.3CVSS5.9AI score0.00314EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-59828

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS5.9AI score0.00314EPSS
Exploits0References10Affected Software1
OSV
OSV
added 5 days ago2 views

CVE-2026-59828 Discourse: Hidden post revisions leak through adjacent visible diffs

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS6.1AI score0.00314EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-57004

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description Post revisions intended to be hidden from regular users may be leaked through visib...

5.3CVSS6.1AI score0.00314EPSS
Exploits0References12
CVE
CVE
added 2026/06/22 10:20 p.m.46 views

CVE-2026-47155

CVE-2026-47155 affects vLLM prior to 0.22.0. Description: revision pinning controls do not consistently apply to all artifacts loaded for a model, enabling loading of dynamic code, GGUF files, image processors, retrieval side weights, or same-repository subfolder weights/config from an unpinned/d...

6.5CVSS5.8AI score0.00146EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.12 views

CVE-2026-34970

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

5.3CVSS5.3AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.13 views

CVE-2026-42677

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS5.4AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:17 p.m.13 views

CVE-2026-42677

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 3:16 p.m.12 views

CVE-2026-42677 WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS5.8AI score0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 3:16 p.m.11 views

EUVD-2026-33686

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS5.8AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 3:16 p.m.29 views

CVE-2026-42677 WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 3:16 p.m.21 views

CVE-2026-42677

CVE-2026-42677 concerns the WordPress WP Document Revisions plugin,

7.5CVSS5.8AI score0.00232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45464

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS5.8AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

WordPress plugin WP Document Revisions 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

7.5CVSS5.4AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 12:16 a.m.13 views

CVE-2026-34970

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

5.3CVSS0.00372EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/19 11:17 p.m.9 views

EUVD-2026-31005

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

5.3CVSS5.7AI score0.00372EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/19 11:17 p.m.8 views

CVE-2026-34970

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

5.3CVSS5.7AI score0.00372EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/19 11:17 p.m.18 views

CVE-2026-34970

Summary: CVE-2026-34970 affects MantisBT, where versions 2.28.1 and earlier allow a bugnote author to view the Revisions page of a private issue after losing access to that issue. This undermines confidentiality by exposing private issue metadata on the Revisions page. Root cause (as described): ...

5.3CVSS5.7AI score0.00372EPSS
Exploits0References3
Rows per page
Query Builder