58 matches found

EUVD
added 2026/05/19 6:04 a.m.

EUVD-2026-30841

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

CVSS 4.3 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 2
CNNVD
added 2026/04/21 12:00 a.m.

Twenty cross-site scripting vulnerability

Twenty is an open-source CRM platform developed by Twenty. Versions of Twenty prior to 1.20.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient protocol validation and server-side checks in the BlockNote editor component, which could lead to storage-base...

CVSS 5.7 | AI score 5.7 | EPSS 0.00043
Exploits: 0 | References: 1
NVD
added 2026/03/09 9:16 p.m.

CVE-2026-25045

Budibase is a low code platform for creating internal tools, workflows, and admin panels. This issue is a combination of Vertical Privilege Escalation and IDOR (Insecure Direct Object Reference) due to missing server-side RBAC checks in the /api/global/users endpoints. A Creator-level user, who...

CVSS 8.8 | EPSS 0.0005
Exploits: 1 | References: 1
Hacker One
added 2026/03/04 2:39 p.m.

AWS VDP: QuickSight Authorization Bypass: Chat Agents Accessible Despite Custom Permissions Denial

A vulnerability was discovered in Amazon Quick Suite (formerly QuickSight) that allowed users to access and interact with AI chat agents despite administrative restrictions being in place to disable this functionality. The vulnerability was caused by the lack of proper server-side authorization...

AI score 5.8
Exploits: 0
CNNVD
added 2026/02/24 12:00 a.m.

Dell Wyse Management Suite (WMS) security vulnerability

Dell Wyse Management Suite (WMS) is a cloud-based and on-premise management platform developed by the American company Dell. It is used for centralized management of Wyse thin-client devices, supporting features such as remote configuration, firmware updates, and security policy management...

CVSS 2.7 | AI score 5.8 | EPSS 0.00054
Exploits: 0 | References: 1
ATTACKERKB
added 2026/02/09 9:07 p.m.

CVE-2026-25875

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the admin authorization middleware trusts the client-controlled JWT claims "role" and "scope" without enforcing server-side role verification...

CVSS 9.3 | AI score 5.4 | EPSS 0.00069
Exploits: 0 | References: 2
Vulnrichment
added 2026/02/09 9:07 p.m.

CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the admin authorization middleware trusts the client-controlled JWT claims "role" and "scope" without enforcing server-side role verification...

CVSS 9.3 | AI score 5.4 | EPSS 0.00069
Exploits: 0 | References: 1
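The two PlaciPy entries above describe an admin middleware that decides privilege from claims the client controls. The following is an illustrative example added by the editor, not PlaciPy's code: a check that trusts the "role" and "scope" claims of a bearer token as-is, beside a hardened check that verifies the HS256 signature and then resolves the caller's role from a server-side user store, never from the claim. The signing key, user table, claim names and tokens are all constructed for the example.

```python
"""Illustrative example (editor-added, not PlaciPy's code): an admin check
that trusts client-controlled "role"/"scope" claims, beside a hardened check
that verifies the token signature and resolves the role server-side.
The HMAC key, user table, claim names and tokens are constructed here."""
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed server-side signing key and user store (assumptions for the example).
SERVER_KEY = b"example-hs256-key-not-a-real-secret"
USER_STORE = {
    "alice": {"role": "admin"},
    "bob": {"role": "student"},
}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def issue_token(claims: dict, key: bytes = SERVER_KEY) -> str:
    """Mint an HS256 JWT over whatever claims the caller supplies."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def is_admin_vulnerable(token: str) -> bool:
    """Vulnerable middleware: reads role/scope straight from the payload without
    checking the signature, so the client decides whether it is an admin."""
    _, payload, _ = token.split(".")
    claims = json.loads(_b64url_decode(payload))
    return claims.get("role") == "admin" and "admin" in claims.get("scope", "")


def verify_token(token: str, key: bytes = SERVER_KEY) -> Optional[dict]:
    """Return the claims only if the HS256 signature checks out, else None.
    The alg is pinned so a client cannot switch to "none" or another scheme."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":
            return None
        expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        claims = json.loads(_b64url_decode(payload_b64))
        return claims if isinstance(claims, dict) else None
    except (ValueError, AttributeError):
        return None


def is_admin_hardened(token: str) -> bool:
    """Hardened check: authenticate the token, then look the role up by subject
    in the server-side store. The role/scope claims are never consulted."""
    claims = verify_token(token)
    if claims is None:
        return False
    user = USER_STORE.get(claims.get("sub"))
    return user is not None and user["role"] == "admin"


def demo() -> dict:
    """Constructed scenario: bob (a student) forges an admin token under his own
    key, and separately holds a server-signed token whose claims say admin."""
    forged = issue_token({"sub": "bob", "role": "admin", "scope": "admin"}, key=b"attacker-key")
    mislabeled = issue_token({"sub": "bob", "role": "admin", "scope": "admin"})  # server key, wrong role
    alice = issue_token({"sub": "alice", "role": "admin", "scope": "admin"})
    return {
        "vulnerable_accepts_forged": is_admin_vulnerable(forged),
        "vulnerable_accepts_mislabeled": is_admin_vulnerable(mislabeled),
        "hardened_accepts_forged": is_admin_hardened(forged),
        "hardened_accepts_mislabeled": is_admin_hardened(mislabeled),
        "hardened_accepts_alice": is_admin_hardened(alice),
    }


if __name__ == "__main__":
    print(demo())
```

The "mislabeled" case is the one worth noting: even a correctly signed token is not a reason to honour its role claim if the server copied that value from client input when it minted the token. Deriving the role from the subject's server-side record closes both paths.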
GithubExploit
added 2026/02/04 5:05 a.m.

PHP-Unrestricted-Upload-RCE

Executive Summary: A comprehensive security assessment was pe...

AI score 6.1
Exploits: 0
RedhatCVE
added 2026/01/21 4:21 p.m.

CVE-2025-36410

IBM ApplinX 11.1 could allow an authenticated user to perform unauthorized administrative actions on the server due to reliance on client-side enforcement of server-side security...

CVSS 4.3 | AI score 5.5 | EPSS 0.00064
Exploits: 0 | References: 1
Positive Technologies
added 2026/01/15 12:00 a.m.

PT-2026-3075

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Prior to 2.2.3 and 1.7.16, the API endpoint for listing Predefined Properties in the Pimcore platform lacks adequate server-side authorization checks. Predefined Properties are configurable metadata definitions (e.g., name, key, typ...

CVSS 4.3 | AI score 6.6 | EPSS 0.00001
Exploits: 1 | References: 5
Positive Technologies
added 2025/12/15 12:00 a.m.

PT-2025-51219

An issue was discovered in Wekan (The Open Source kanban board system) up to version 18.15, fixed in 18.16. Authenticated users can update their entire user document beyond profile fields, including orgs/teams and loginDisabled, due to missing server-side authorization checks; this enables privileg...

AI score 7.1 | EPSS 0.00075
Exploits: 0 | References: 5
Cvelist
added 2025/12/15 12:00 a.m.

CVE-2025-65780

An issue was discovered in Wekan (The Open Source kanban board system) up to version 18.15, fixed in 18.16. Authenticated users can update their entire user document beyond profile fields, including orgs/teams and loginDisabled, due to missing server-side authorization checks; this enables privileg...

EPSS 0.00075
Exploits: 0 | References: 4
RedhatCVE
added 2025/12/11 8:53 p.m.

CVE-2025-58386

In Terminalfour 8 through 8.4.1.1, the userLevel parameter in the user management function is not subject to proper server-side authorization checks. A Power User can intercept and modify this parameter to assign the Administrator role to other existing lower-privileged accounts, or invite a new...

CVSS 9.8 | AI score 7.1 | EPSS 0.00063
Exploits: 0 | References: 1
CVE
added 2025/12/02 12:00 a.m.

CVE-2025-58386

Terminalfour 8–8.4.1.1 contains a server-side authorization flaw in the userLevel parameter of the user management function. A Power User can intercept and modify this parameter to elevate existing accounts to Administrator or invite new accounts with escalated privileges, and can also change the...

CVSS 9.8 | AI score 6.7 | EPSS 0.00063
Exploits: 0 | References: 2 | Affected software: 1
EUVD
added 2025/12/02 12:00 a.m.

EUVD-2025-200285

In Terminalfour 8 through 8.4.1.1, the userLevel parameter in the user management function is not subject to proper server-side authorization checks. A Power User can intercept and modify this parameter to assign the Administrator role to other existing lower-privileged accounts, or invite a new...

AI score 6.6 | EPSS 0.00063
Exploits: 0 | References: 3
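The Budibase, Wekan and Terminalfour entries above share one defect: a user-update endpoint applies privilege-bearing fields (a role level, loginDisabled, org membership) supplied by the client without checking on the server whether the caller may set them. The following is an illustrative example added by the editor, not any of those projects' code: a handler that writes whatever fields arrive, beside a hardened handler that allow-lists self-editable profile fields and gates privilege fields on the caller's role as stored on the server. Field names, role names and the in-memory user table are constructed for the example.

```python
"""Illustrative example (editor-added, not Budibase's, Wekan's or
Terminalfour's code): a user-update handler with no server-side field
authorization, beside a hardened version that allow-lists profile fields and
gates privilege fields on the caller's server-stored role.
Field names, roles and the in-memory user table are constructed here."""
from copy import deepcopy

PROFILE_FIELDS = {"fullname", "email", "bio"}              # a user may edit these on their own record
PRIVILEGE_FIELDS = {"userLevel", "loginDisabled", "orgs"}  # only an admin may set these, on anyone

# Constructed user table. The caller's role is always read from here, never from the request.
USERS = {
    "u1": {"fullname": "Alice", "email": "alice@example.test", "userLevel": "admin", "loginDisabled": False, "orgs": ["core"]},
    "u2": {"fullname": "Bob", "email": "bob@example.test", "userLevel": "power", "loginDisabled": False, "orgs": []},
    "u3": {"fullname": "Carol", "email": "carol@example.test", "userLevel": "editor", "loginDisabled": True, "orgs": []},
}


class Forbidden(Exception):
    """Raised by the hardened handler when the caller may not make the change."""


def update_user_vulnerable(store: dict, caller_id: str, target_id: str, patch: dict) -> dict:
    """Missing server-side check: any authenticated caller can set any field on
    any document, so a Power User can make someone else an admin and a user can
    flip their own loginDisabled flag or org membership."""
    store[target_id].update(patch)
    return store[target_id]


def update_user_hardened(store: dict, caller_id: str, target_id: str, patch: dict) -> dict:
    """Authorize field by field, using the caller's stored role, before writing."""
    caller_is_admin = store[caller_id]["userLevel"] == "admin"
    unknown = set(patch) - PROFILE_FIELDS - PRIVILEGE_FIELDS
    if unknown:
        raise Forbidden(f"unknown fields rejected: {sorted(unknown)}")
    if target_id != caller_id and not caller_is_admin:
        raise Forbidden("only an admin may edit another user's record")
    privileged = set(patch) & PRIVILEGE_FIELDS
    if privileged and not caller_is_admin:
        raise Forbidden(f"privilege fields need an admin caller: {sorted(privileged)}")
    store[target_id].update(patch)
    return store[target_id]


def _blocked(action) -> bool:
    """True if the action raised Forbidden."""
    try:
        action()
        return False
    except Forbidden:
        return True


def demo() -> dict:
    """Constructed scenario: Bob (power user) tries to promote Carol and to edit
    his own privilege fields; Alice (admin) makes a legitimate change."""
    vuln = deepcopy(USERS)
    update_user_vulnerable(vuln, "u2", "u3", {"userLevel": "admin"})                       # Terminalfour-style
    update_user_vulnerable(vuln, "u2", "u2", {"orgs": ["core"], "loginDisabled": False})   # Wekan-style

    hard = deepcopy(USERS)
    return {
        "vulnerable_carol_level": vuln["u3"]["userLevel"],
        "vulnerable_bob_orgs": vuln["u2"]["orgs"],
        "hardened_blocks_promotion": _blocked(lambda: update_user_hardened(hard, "u2", "u3", {"userLevel": "admin"})),
        "hardened_blocks_self_privilege": _blocked(lambda: update_user_hardened(hard, "u2", "u2", {"orgs": ["core"]})),
        "hardened_blocks_unknown_field": _blocked(lambda: update_user_hardened(hard, "u2", "u2", {"isAdmin": True})),
        "hardened_allows_self_profile": not _blocked(lambda: update_user_hardened(hard, "u2", "u2", {"bio": "QA"})),
        "hardened_allows_admin_change": not _blocked(lambda: update_user_hardened(hard, "u1", "u3", {"loginDisabled": False})),
        "hardened_carol_level": hard["u3"]["userLevel"],
        "hardened_carol_login_disabled": hard["u3"]["loginDisabled"],
    }


if __name__ == "__main__":
    print(demo())
```

The allow-list matters as much as the role check: rejecting unknown fields is what stops a client from reaching document fields the handler's author never thought of, which is the shape of the Wekan "entire user document" case.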
NVD
added 2025/11/27 5:16 a.m.

CVE-2025-7820

The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to Payment Bypass in all versions up to, and including, 1.4. This is due to the plugin only enforcing client side controls instead of server-side controls when processing payments. This makes it possible for unauthenticated attacke...

CVSS 7.5 | EPSS 0.00155
Exploits: 0 | References: 2
RedhatCVE
added 2025/10/22 12:12 p.m.

CVE-2025-10640

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive...

CVSS 9.8 | AI score 7.1 | EPSS 0.00389
Exploits: 0 | References: 1
RedhatCVE
added 2025/10/21 6:33 p.m.

CVE-2025-62510

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression allowed folder visibility/ownership to be inferred from folder names. Low-privilege users could see or interact with folders matching their username and, in some...

CVSS 8.1 | AI score 6.7 | EPSS 0.00027
Exploits: 0 | References: 1
CVE
added 2025/10/21 11:43 a.m.

CVE-2025-10640

CVE-2025-10640 affects EfficientLab’s WorkExaminer Professional (server components). An unauthenticated attacker who can reach TCP port 12306 can bypass server-side authentication due to a missing validation in the protocol call to an MSSQL stored procedure; the client-side validation is relied u...

CVSS 9.8 | AI score 6.7 | EPSS 0.00389
Exploits: 0 | References: 2
NVD
added 2025/10/20 6:15 p.m.

CVE-2025-62510

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression allowed folder visibility/ownership to be inferred from folder names. Low-privilege users could see or interact with folders matching their username and, in some...

CVSS 8.1 | EPSS 0.00027
Exploits: 0 | References: 3