Lucene search
K

130 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40441

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser,...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.9 views

CVE-2026-56333

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser,...

5.3CVSS0.00234EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:8 p.m.19 views

CVE-2026-56333

Capgo before 12.128.2 is affected by a server-side validation bypass in organization security settings. The vulnerability lets authenticated org admins bypass backend validation by directly updating the public.orgs table from the browser, bypassing field-level checks such as max_apikey_expiration...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.4 views

CVE-2026-56333

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser,...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 10:4 a.m.18 views

CVE-2026-34027

The CVE-2026-34027 entry concerns Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014). The vulnerability lies in insufficient server-side file type validation at /safe/contract/uploadcustomdocuments, where uploaded files are gated by a user-controlled Content-Type value and accepte...

5.3CVSS5.5AI score0.00305EPSS
Exploits1References2
OSV
OSV
added 2026/06/09 11:0 p.m.5 views

CVE-2026-46491 SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion

SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an attacker-controll...

8.6CVSS6AI score0.00422EPSS
Exploits0References5
CVE
CVE
added 2026/05/29 12:59 p.m.30 views

CVE-2026-47696

WWBN AVideo (29.0 and earlier) has a wallet-credit bypass in the AuthorizeNet processPayment.json.php endpoint. The code credits the logged-in user’s wallet based only on an attacker-controlled POST amount, using a TODO for real charging, hardcoded $paymentSuccess = true, and calling YPTWallet::a...

7.1CVSS5.9AI score0.0012EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/19 6:4 a.m.53 views

CVE-2026-8830 Keycloak: org.keycloak/keycloak-services: keycloak: policy bypass during webauthn credential registration via client-side javascript manipulation

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

4.3CVSS0.00392EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-41833

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. The issue exists because the server-side processAction...

4.3CVSS5.2AI score0.00392EPSS
Exploits0References18
OSV
OSV
added 2026/05/14 2:52 p.m.7 views

GHSA-X5V6-PJ28-CWWM FlowiseAI has Mass Assignment in Tool Update Endpoint that Allows Cross-Workspace Resource Reassignment

Summary A Mass Assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating a tool resource. Due to missing server-side validation and...

7.6CVSS5.9AI score0.00195EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.16 views

PT-2026-40975

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the variable update endpoint '/api/v1/variables/variableId'. This allows authenticated users to modify server-controlled properties by including them in the JSON...

9.6CVSS5.6AI score0.00254EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

WordPress plugin Login as User 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.8AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:22 p.m.7 views

CVE-2026-35594

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...

6.5CVSS5.7AI score0.00268EPSS
Exploits1References1
NVD
NVD
added 2026/04/10 4:16 p.m.3 views

CVE-2026-35594

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...

6.5CVSS0.00268EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.8 views

Vikunja 代码问题漏洞

Vikunja is an open-source to-do application developed by Vikunja. Versions of Vikunja prior to 2.3.0 had code vulnerabilities. These vulnerabilities stemmed from the fact that link-sharing authentication was entirely based on JWT claims, without server-side database validation. As a result, delet...

6.5CVSS5.9AI score0.00268EPSS
Exploits1References5
NVD
NVD
added 2026/04/03 9:17 p.m.7 views

CVE-2026-22661

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

8.6CVSS0.00363EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.9 views

SourceCodester Loan Management System 安全漏洞

The SourceCodester Loan Management System is an open-source loan management system developed by SourceCodester. Version 1.0 of the SourceCodester Loan Management System has security vulnerabilities. These vulnerabilities stem from defects in the business logic and improper server-side validation,...

6.5CVSS5.8AI score0.00313EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/12 8:27 p.m.5 views

CVE-2026-2229

ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the servermaxwindowbits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. ...

7.5CVSS5.8AI score0.00874EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/06 10:19 p.m.7 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the Object.assign function. An attacker can manipulate internal entity fields such as id, createdDate, and chatId by...

9.2CVSS5.8AI score0.12902EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/23 6:19 a.m.8 views

CVE-2026-24035

Horilla is a free and open source Human Resource Management System HRMS. An Improper Access Control vulnerability exists in Horilla HR Software starting in version 1.4.0 and prior to version 1.5.0, allowing any authenticated employee to upload documents on behalf of another employee without prope...

4.3CVSS5.6AI score0.00289EPSS
Exploits1References1
Rows per page
Query Builder