CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE-2026-47349

Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...

5.3CVSS5.5AI score0.00036EPSS

Exploits0References1

NVD•added yesterday•5 views

CVE-2026-47349

5.3CVSS0.00036EPSS

Exploits0References3

EUVD•added yesterday•5 views

EUVD-2026-35396

5.3CVSS5.5AI score0.00036EPSS

Exploits0References3

Cvelist•added yesterday•23 views

CVE-2026-47349 TYPO3 CMS - Broken Access Control in Recycler

5.3CVSS0.00036EPSS

Exploits0References3

Vulnrichment•added yesterday•4 views

CVE-2026-47349 TYPO3 CMS - Broken Access Control in Recycler

5.3CVSS5.5AI score0.00036EPSS

Exploits0References3

CVE•added yesterday•10 views

CVE-2026-47349

CVE-2026-47349 affects TYPO3 CMS where backend users with access to the Recycler module could restore soft-deleted records on pages or tables they are not authorized to modify. Affected versions: 10.4.57 and earlier in 10.x; 11.0.0–11.5.51; 12.0.0–12.4.46; 13.0.0–13.4.31; 14.0.0–14.3.3. Root caus...

5.3CVSS5.5AI score0.00036EPSS

Exploits0References3

Positive Technologies•added yesterday•5 views

PT-2026-47742

5.3CVSS5.5AI score0.00036EPSS

Exploits0References4

OSV•added 2026/04/25 11:40 p.m.•2 views

GHSA-3GR9-485J-V4XF Note Mark: Unauthenticated read of notes and assets in soft-deleted public books

Summary After a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note ID or the slug path retain access. GORM's soft-delete scope does not...

5.3CVSS5.8AI score0.0004EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by