10272 matches found
ROS-20260515-73-0013
Vulnerability in grafana related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-122 (ALASKERNEL-5.4-2026-122)
The version of kernel installed on the remote host is prior to 5.4.302-224.471. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2026-122 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-119 (ALASKERNEL-5.10-2026-119)
The version of kernel installed on the remote host is prior to 5.10.253-252.1016. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-119 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag...
Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
GHSA-4G9M-RFFV-H6WQ Crabbox: authentication bypass vulnerability that allows impersonation of others by spoofing identity headers
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via spoofed X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a shared token. An attacker can gain unauthorized access to owner or organization-scoped lease operations by injecting malicious...
CVE-2026-44428 MCP Registry: GitHub OIDC tokens replayable across registry deployments due to shared audience
The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audience string, not to the specific registry instance being targeted. On the client side, the publisher...
CVE-2026-44428 MCP Registry: GitHub OIDC tokens replayable across registry deployments due to shared audience
The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audience string, not to the specific registry instance being targeted. On the client side, the publisher...
Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion
Summary Any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile authorization gate unconditionally grants access through its shared-chat branch. It checks neither the requesting...
Authorization Bypass Through User-Controlled Key
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the hasaccesstofile process. An attacker can permanently delete files owned by other users, as well as read or modify their contents, by leveraging access t...
GHSA-26G9-27VM-X3Q8 Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion
Summary Any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile authorization gate unconditionally grants access through its shared-chat branch. It checks neither the requesting...
GHSA-J6W6-986J-2M2M Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) via Image URL Manipulation
Summary An application-wide Cross-Site Request Forgery CSRF vulnerability was found Open-WebUl's image uploading functionality. An attacker can set an image URL to a malicious endpoint, allowing them to perform actions on behalf of a victim user. Any authenticated user can exploit this...
GHSA-JX2X-J75F-XQ3J Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access)
Summary The POST /api/v1/notes/id/pin endpoint performs a write operation toggling the ispinned field but only checks for read permission. Users with read-only access to a shared note can pin/unpin it, which is a state-modifying action that should require write permission. All other write endpoin...
CVE-2026-8621
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
CLSA-2026-1778769697 kernel: Fix of 31 CVEs
net: skbuff: propagate shared-frag marker through pskbcopy - HID: ignore non-functional sensor in HP 5MP Camera CVE-2025-21992 - net: fix crash when config small gsomaxsize/gsoipv4maxsize CVE-2024-50258 - ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow CVE-2024-53042 - ALSA:...
CVE-2026-8621
Crabbox before v0.12.0 is affected by an authentication bypass where non-admin callers using a shared token can impersonate other owners or organizations by spoofing identity headers (X-Crabbox-Owner, X-Crabbox-Org). Attackers can bypass authorization and access owner/org-scoped lease operations ...
CVE-2026-8621 Crabbox < v0.12.0 Authentication Bypass via Header Spoofing
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
EUVD-2026-30369
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
CVE-2026-8621 Crabbox < v0.12.0 Authentication Bypass via Header Spoofing
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
CLSA-2026-1778783464 Update of kernel
net: skbuff: propagate shared-frag marker through pskbcopy...