Lucene search
K

1133 matches found

Cvelist
Cvelist
added 2026/05/07 6:49 p.m.41 views

CVE-2026-42239 Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

8.1CVSS0.00283EPSS
Exploits1References2
OSV
OSV
added 2026/05/07 6:49 p.m.5 views

CVE-2026-42239 Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

8.1CVSS5.9AI score0.00283EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.16 views

CVE-2026-42084

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS5.7AI score0.00305EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.16 views

PT-2026-39268

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description Open WebUI fails to validate that passwords are non-empty before performing LDAP Simple Bind authentication. On LDAP servers that permit unauthenticated empty-password binds, an attacker can...

9.4CVSS5.8AI score0.01461EPSS
Exploits1References14
ATTACKERKB
ATTACKERKB
added 2026/05/04 6:38 p.m.7 views

CVE-2026-42235

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an unauthenticated attacker could register a malicious MCP OAuth client with a crafted clientname. If a victim user authorized the OAuth consent dialog and a second user subsequently revoked that...

8.8CVSS6AI score0.00332EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/05/04 6:16 p.m.10 views

CVE-2026-42084

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS0.00305EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/04 5:11 p.m.5 views

CVE-2026-42084 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS5.7AI score0.00305EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/04 5:11 p.m.11 views

EUVD-2026-27057

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS5.7AI score0.00305EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:11 p.m.7 views

CVE-2026-42084

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS5.7AI score0.00305EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/05/04 5:11 p.m.22 views

CVE-2026-42084

OpenC3 COSMOS is affected by a credential change vulnerability where the password change feature accepts a valid session token in lieu of the old password. This flaw, present prior to versions 6.10.5 and 7.0.0-rc3, allows an attacker who already holds a valid session token to change the password ...

8.1CVSS5.7AI score0.00305EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/05/04 5:11 p.m.34 views

CVE-2026-42084 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS0.00305EPSS
Exploits1References4
OSV
OSV
added 2026/05/04 5:11 p.m.4 views

CVE-2026-42084 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...

8.1CVSS5.9AI score0.00305EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/04/29 9:23 p.m.11 views

n8n Vulnerable to XSS via MCP OAuth client

Impact An unauthenticated attacker could register a malicious MCP OAuth client with a crafted clientname. If a victim user authorized the OAuth consent dialog and a second user subsequently revoked that access, a toast notification would render the injected script. Clicking the link would execute...

9.6CVSS5.8AI score0.00332EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/25 11:40 p.m.6 views

GHSA-PXF8-6WQM-R6HH Note Mark: OIDC-registered users authenticated by submitting password "null"

Summary IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt"null" placeholder whenever a user has no stored password. OIDC-registered users are created with an empty password, so anyone who submits password: "null" to the internal login endpoint receives a valid session for...

9.4CVSS5.8AI score0.00296EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/24 4:18 p.m.23 views

Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover

Summary The budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. Given that Budibase has had XSS vulnerabilities GHSA-gp5x-2v54-v2q5 — stored XSS via unsanitized enti...

8.1CVSS5.5AI score0.00283EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/22 10:13 p.m.9 views

GHSA-WGX6-G857-JJF7 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence

Summary The OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid session token instead. In assumed breach scenarios, this behaviour can be exploited by an attacker who has already obtained a valid session token, to ga...

8.1CVSS5.8AI score0.00305EPSS
Exploits1References7
Snyk
Snyk
added 2026/04/22 10:13 p.m.8 views

Unverified Password Change

Overview Affected versions of this package are vulnerable to Unverified Password Change via the verifynoservice process in openc3/lib/openc3/models/authmodel.rb and openc3-cosmos-cmd-tlm-api/app/controllers/authcontroller.rb. An attacker can change a password by supplying a valid session token to...

8.6CVSS5.8AI score0.00305EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/22 10:13 p.m.10 views

OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence

Summary The OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid session token instead. In assumed breach scenarios, this behaviour can be exploited by an attacker who has already obtained a valid session token, to ga...

8.1CVSS5.8AI score0.00305EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-36878

Name of the Vulnerable Software and Affected Versions OpenC3 COSMOS versions prior to 6.10.5 OpenC3 COSMOS versions prior to 7.0.0-rc3 Description The password change functionality allows a user to change their password without providing the current password, as the system accepts a valid session...

8.1CVSS5.8AI score0.00305EPSS
Exploits1References11
RubySec
RubySec
added 2026/04/22 12:0 a.m.8 views

OpenC3 COSMOS - Hijacked session token can be used to reset password for persistence

Summary The OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid session token instead. In assumed breach scenarios, this behaviour can be exploited by an attacker who has already obtained a valid session token, to ga...

8.1CVSS5.8AI score0.00305EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder