Lucene search
K

206 matches found

NVD
NVD
added 2026/07/08 8:16 p.m.6 views

CVE-2026-59805

Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...

7.1CVSS0.0022EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/08 7:43 p.m.35 views

CVE-2026-59805 Gumroad < 2026.07.06.2 - Insecure Direct Object Reference in PurchasesController

Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...

7.1CVSS0.0022EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/08 7:43 p.m.5 views

EUVD-2026-42374

Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...

7.1CVSS6.1AI score0.0022EPSS
Exploits0References5
OSV
OSV
added 2026/07/08 7:43 p.m.3 views

CVE-2026-59805 Gumroad < 2026.07.06.2 - Insecure Direct Object Reference in PurchasesController

Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...

7.1CVSS6.2AI score0.0022EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56567

Name of the Vulnerable Software and Affected Versions Gumroad versions prior to 2026.07.06.2 Description Broken access control in the PurchasesController allows authenticated sellers to manipulate purchase access for products belonging to other sellers. By sending PUT requests to the revoke acces...

7.1CVSS6.2AI score0.0022EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 6:43 p.m.5 views

GO-2026-5304 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao

OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/revoke,renew — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao...

5.8AI score
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in unlockfilesystem. If we try to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This occurs currently because the...

5.5CVSS6AI score0.00115EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the issue of double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned...

7.8CVSS5.7AI score0.00139EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51109

Summary OpenBao users with access to the sys/leases/revoke/:lease id endpoint in any namespace can revoke leases in any other namespace as long as the lease identifier is known to them, bypassing ACLs that should apply for cross-namespace revocations. Impact OpenBao's namespaces provide...

2.1CVSS5.8AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-126 (ALASDOCKER-2026-126)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-126 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...

10CVSS6.9AI score0.03153EPSS
Exploits2References16
Vulnrichment
Vulnrichment
added 2026/06/06 3:28 a.m.8 views

CVE-2026-7624 SEO Plugin by Squirrly SEO <= 12.4.16 - Missing Authorization to Authenticated (Contributor+) Privileged Cloud API Operations

The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS5.5AI score0.00296EPSS
Exploits0References14
CVE
CVE
added 2026/06/06 3:28 a.m.29 views

CVE-2026-7624

The CVE concerns the SEO Plugin by Squirrly SEO for WordPress, vulnerable to an authorization bypass in all versions up to and including 12.4.16. The underlying issue is that the plugin fails to verify a user’s authorization before performing privileged cloud API operations. As a result, authenti...

4.3CVSS5.5AI score0.00296EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/06 3:28 a.m.16 views

EUVD-2026-34956

The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS5.5AI score0.00296EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.17 views

WordPress plugin SEO Plugin by Squirrly SEO 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.00296EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.11 views

CVE-2026-4002

The Petje.af plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 2.1.8. This is due to missing nonce validation in the ajaxrevoketoken function which handles the 'petjeafdisconnect' AJAX action. The function performs destructive operations includin...

4.3CVSS5.5AI score0.00163EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/05 4:43 p.m.45 views

NocoDB: OAuth Tokens Persist Through Security Events

Summary OAuth access and refresh tokens were not revoked when the user changed, reset, or recovered their password, leaving an attacker-issued OAuth grant valid after the user believed they had locked the attacker out. Details revokeAllOAuthTokensByUser in the users service was an empty stub bein...

6.3CVSS5.5AI score0.00295EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/01 9:16 a.m.24 views

PYSEC-2026-187

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

9.1CVSS5.9AI score0.00667EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/06/01 9:16 a.m.11 views

PYSEC-0000-CVE-2026-48726

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

6.5CVSS5.9AI score0.00382EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/01 9:16 a.m.12 views

PYSEC-2026-187

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

6.5CVSS5.9AI score0.00667EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:35 a.m.12 views

CVE-2026-48726

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

9.1CVSS5.9AI score0.00667EPSS
Exploits0References4
Rows per page
Query Builder