CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 6 days ago•10 views

NocoDB: Stored Cross-Site Scripting via Form View Redirect URL

Summary The shared form-view submit handler in NocoDB writes the form's redirecturl to window.location.href after a same-host check that does not validate the URL scheme. A user with editor role or above on any base can plant a javascript: URL in the form's redirecturl; when an authenticated view...

5.8AI score

Exploits0References3Affected Software1

OSV•added 6 days ago•3 views

GHSA-5X9F-6VG5-QG4M Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token

Summary SAML.getSession internal/pkg/auth/interceptor/saml.go checks the Used flag on a SAMLAssertion resource and then marks it used in two separate state operations. Because the check and the update are not atomic, concurrent requests carrying the same saml-session token can both observe Used =...

7CVSS5.4AI score

Exploits0References4

Github Security Blog•added 6 days ago•12 views

Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token

5.4AI score

Exploits0References4Affected Software1

Positive Technologies•added 6 days ago•7 views

PT-2026-46987

7CVSS5.4AI score

Exploits0References5

Positive Technologies•added 6 days ago•9 views

PT-2026-47085

Summary The shared form-view submit handler in NocoDB writes the form's redirect url to window.location.href after a same-host check that does not validate the URL scheme. A user with editor role or above on any base can plant a javascript: URL in the form's redirect url; when an authenticated...

8.4CVSS5.8AI score

Exploits0References4

RedhatCVE•added 2026/06/02 4:1 p.m.•7 views

CVE-2026-45040

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUSTLOG=debug sensitive credentials including SessionToken JWT, SecretAccessKey, and full JWT claims are printed in...

RedhatCVE•added 2026/06/01 10:4 p.m.•7 views

CVE-2026-45690

A flaw was found in Nextcloud Server. This vulnerability allows a remote attacker, with knowledge of a user's password, to bypass two-factor authentication 2FA protections. When a user attempts to log in with valid credentials on a 2FA-enabled account, a temporary session token is generated befor...

Vulnrichment•added 2026/06/01 5:8 p.m.•6 views

Exploits0References2

CVE-2026-45690 Nextcloud: Two-Factor Authentication Bypass via Pending Session Token Replay

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authentication bypass vulnerability allowed attackers with knowledge of a user's password to circumvent two-factor authentication 2FA protections...

ATTACKERKB•added 2026/06/01 5:8 p.m.•7 views

Exploits0References3

CVE-2026-45690

Exploits0References4Affected Software1

Cvelist•added 2026/06/01 5:8 p.m.•28 views

CVE-2026-45690 Nextcloud: Two-Factor Authentication Bypass via Pending Session Token Replay

5.9CVSS0.00063EPSS

Exploits0References3

EUVD•added 2026/06/01 5:8 p.m.•9 views

EUVD-2026-33716

CVE•added 2026/06/01 5:8 p.m.•17 views

Exploits0References3

CVE-2026-45690

Nextcloud Server versions 32.0.0–32.0.9 and 33.0.0–33.0.3 expose an authentication bypass where, after valid credentials are entered on a 2FA-enabled account, a temporary session token is created before the second factor is enforced. The token can be extracted and replayed via HTTP Basic Authenti...

Exploits0References3Affected Software1

Positive Technologies•added 2026/06/01 12:0 a.m.•14 views

PT-2026-45534

ATTACKERKB•added 2026/05/29 8:4 a.m.•6 views

Exploits0References4

CVE-2026-10056

CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard security mode, on Linux and Windows allows an unauthenticated remote attacker to steal the session token of an authenticated user and perform Administrator Account...

7.5CVSS5.8AI score0.00083EPSS

Exploits0References2

Vulnrichment•added 2026/05/29 8:4 a.m.•7 views

CVE-2026-10056 CORS misconfiguration in Nx Witness VMS allows session token exfiltration via cross-origin request

7.5CVSS5.8AI score0.00083EPSS

Vulnrichment•added 2026/05/28 6:35 p.m.•4 views

CVE-2026-45040 RustFS: Sensitive Information Leakage (SessionToken and SecretAccessKey) in RustFS Logs [Debug Mode]

CVE•added 2026/05/28 6:35 p.m.•15 views

CVE-2026-45040

RustFS (Rust-based distributed object storage) prior to version 1.0.0-beta.2 leaks sensitive credentials in logs when RUST_LOG=debug, including SessionToken (JWT), SecretAccessKey, and full JWT claims. The issue’s impact is information disclosure in server logs. Mitigation is upgrading to 1.0.0-b...

EUVD•added 2026/05/28 6:35 p.m.•10 views

EUVD-2026-32997

Positive Technologies•added 2026/05/28 12:0 a.m.•9 views

PT-2026-44468

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUST LOG=debug sensitive credentials including SessionToken JWT, SecretAccessKey, and full JWT claims are printed in...