Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

EUVD
EUVDadded 2026/03/16 9:34 p.m.0 views

EUVD-2026-12518

Mattermost versions 10.11.x = 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Mattermost Advisory ID: MMSA-2025-00531...

3.8CVSS5.8AI score0.00037EPSS
Exploits0References2
NVD
NVDadded 2026/03/16 9:16 p.m.2 views

CVE-2026-26230

Mattermost versions 10.11.x = 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Mattermost Advisory ID: MMSA-2025-00531...

3.8CVSS0.00037EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/06/01 2:47 p.m.5 views

CVE-2025-3611

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...

4.3CVSS6.6AI score0.00138EPSS
Exploits0References1
OSV
OSVadded 2022/11/27 3:15 a.m.1 views

CVE-2022-45932

A SQL injection issue was discovered in AAA in OpenDaylight ODL before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used...

7.5CVSS5.8AI score0.00289EPSS
Exploits1References2
Rows per page
Query Builder