206 matches found
CVE-2026-59805
Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...
CVE-2026-59805 Gumroad < 2026.07.06.2 - Insecure Direct Object Reference in PurchasesController
Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...
EUVD-2026-42374
Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...
CVE-2026-59805 Gumroad < 2026.07.06.2 - Insecure Direct Object Reference in PurchasesController
Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...
PT-2026-56567
Name of the Vulnerable Software and Affected Versions Gumroad versions prior to 2026.07.06.2 Description Broken access control in the PurchasesController allows authenticated sellers to manipulate purchase access for products belonging to other sellers. By sending PUT requests to the revoke acces...
GO-2026-5304 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao
OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/revoke,renew — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in unlockfilesystem. If we try to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This occurs currently because the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the issue of double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned...
PT-2026-51109
Summary OpenBao users with access to the sys/leases/revoke/:lease id endpoint in any namespace can revoke leases in any other namespace as long as the lease identifier is known to them, bypassing ACLs that should apply for cross-namespace revocations. Impact OpenBao's namespaces provide...
Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-126 (ALASDOCKER-2026-126)
The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-126 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...
CVE-2026-7624 SEO Plugin by Squirrly SEO <= 12.4.16 - Missing Authorization to Authenticated (Contributor+) Privileged Cloud API Operations
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
CVE-2026-7624
The CVE concerns the SEO Plugin by Squirrly SEO for WordPress, vulnerable to an authorization bypass in all versions up to and including 12.4.16. The underlying issue is that the plugin fails to verify a user’s authorization before performing privileged cloud API operations. As a result, authenti...
EUVD-2026-34956
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
WordPress plugin SEO Plugin by Squirrly SEO 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-4002
The Petje.af plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 2.1.8. This is due to missing nonce validation in the ajaxrevoketoken function which handles the 'petjeafdisconnect' AJAX action. The function performs destructive operations includin...
NocoDB: OAuth Tokens Persist Through Security Events
Summary OAuth access and refresh tokens were not revoked when the user changed, reset, or recovered their password, leaving an attacker-issued OAuth grant valid after the user believed they had locked the attacker out. Details revokeAllOAuthTokensByUser in the users service was an empty stub bein...
PYSEC-2026-187
A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...
PYSEC-0000-CVE-2026-48726
A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...
PYSEC-2026-187
A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...
CVE-2026-48726
A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...