
7 matches found

Vulnrichment
added 2026/04/08 2:28 p.m. | 1 view

CVE-2026-39389 CI4MS has a Hidden Items Authorization Bypass in Fileeditor Allows Reading Secrets and Writing Protected Files

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, This vulnerability is fixed in 0.31.4.0...

6.7 CVSS | 5.8 AI score | 0.00471 EPSS
Exploits: 1 | References: 1
CVE
added 2026/03/10 7:1 p.m. | 11 views

CVE-2026-26308

Envoy CVE-2026-26308 affects the Envoy RBAC filter. The issue arises from how multiple HTTP header values are validated: instead of validating each value separately, Envoy concatenates all values into a single comma-separated string, allowing bypass of Deny rules under RBAC. Affects versions prio...

8.2 CVSS | 5.8 AI score | 0.00293 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
SUSE Linux
added 2025/12/09 11:34 a.m. | 2 views

Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Updated...

8.5 CVSS | 7.2 AI score | 0.0045 EPSS
Exploits: 5 | References: 28
OSV
added 2024/05/02 4:15 p.m. | 3 views

CVE-2024-32359

An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster...

6.9 CVSS | 6.2 AI score | 0.00228 EPSS
Exploits: 0 | References: 4
BDU FSTEC
added 2023/07/10 12:0 a.m. | 3 views

The vulnerability of operating systems for managing cloud applications, such as Sealos, stems from deficiencies in authentication procedures. This allows attackers to escalate their privileges and gain full control over the application.

The vulnerability of operating systems for managing cloud applications related to Sealos stems from deficiencies in authentication procedures due to the use of Role-Based Access Control (RBAC) policies. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain full...

10 CVSS | 7.8 AI score | 0.00591 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
CNVD
added 2016/03/04 12:0 a.m. | 2 views

Cisco Policy Suite Confidential Information Disclosure Vulnerability

Cisco Policy Suite (CPS) is a set of next-generation policy management solutions from the U.S. company Cisco. The program provides user-based business rules, applications and network resources such as real-time management. A security vulnerability exists in the password-management...

5.3 CVSS | 6.8 AI score | 0.01114 EPSS
Exploits: 0 | References: 1
RedHat Linux
added 2015/02/11 8:16 p.m. | 3 views

Management: Limited RBAC authorization bypass

It was discovered that the Role Based Access Control (RBAC) implementation did not sufficiently verify all authorization conditions that are required by the Maintainer role to perform certain administrative actions. An authenticated user with the Maintainer role could use this flaw to add, modify, ...

4 CVSS | 5.8 AI score | 0.0126 EPSS
Exploits: 0 | References: 4