Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/04/02 10:55 p.m.3 views

CVE-2026-34376

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.0, an access-control vulnerability allows unauthenticated users to retrieve password-protected shared PDFs by directly calling the file-serving endpoint without...

7.5CVSS5.7AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:0 p.m.2 views

CVE-2026-34586

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.1, checksharedaccessallowed validates only session existence — it does not check SharedPdf.inactive expiration / max views or SharedPdf.deleted. The Serve and...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/04/01 5:5 p.m.16 views

CVE-2026-34376 PdfDing: Password-protected share bypass via direct serve endpoint

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.0, an access-control vulnerability allows unauthenticated users to retrieve password-protected shared PDFs by directly calling the file-serving endpoint without...

7.5CVSS0.0037EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/01 5:5 p.m.3 views

CVE-2026-34376

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.0, an access-control vulnerability allows unauthenticated users to retrieve password-protected shared PDFs by directly calling the file-serving endpoint without...

7.5CVSS5.7AI score0.0037EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/01 5:5 p.m.7 views

CVE-2026-34376

PdfDing is vulnerable prior to version 1.7.0 due to an access-control flaw that allowed unauthenticated retrieval of password‑protected shared PDFs via the direct file‑serving endpoint without completing the password verification flow. This could expose confidential documents intended to be prote...

7.5CVSS5.7AI score0.0037EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/31 8:27 p.m.2 views

CVE-2026-34586

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.1, checksharedaccessallowed validates only session existence — it does not check SharedPdf.inactive expiration / max views or SharedPdf.deleted. The Serve and...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2026/03/31 8:27 p.m.3 views

CVE-2026-34586 PdfDing: Shared PDF Expiration, Max Views, and Deletion Bypass via Serve/Download Endpoints

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.1, checksharedaccessallowed validates only session existence — it does not check SharedPdf.inactive expiration / max views or SharedPdf.deleted. The Serve and...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References5
Rows per page
Query Builder