25 matches found

CVE (added 3 days ago, 7 views)

CVE-2026-40995

CVE-2026-40995 affects Spring Web Services versions 3.1.0–3.1.8, 4.0.0–4.0.18, 4.1.0–4.1.3, and 5.0.0–5.0.1. The issue arises in the X509AuthenticationProvider, which could issue a fully authenticated X509AuthenticationToken when a presented certificate maps to a UserDetails, without applying Spr...

CVSS 5.4 | AI score 5.5 | EPSS 0.00018
Exploits: 0 | References: 1
RedhatCVE (added 2026/06/05 7:50 p.m., 6 views)

CVE-2026-7887

For Concrete CMS 9.5.0 and below, the OAuth 2.0 Authorization-Code Handler bypasses account status. A user with uIsActive=0 (suspended, banned, or a terminated employee) can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...

CVSS 6.4 | AI score 5.5 | EPSS 0.00037
Exploits: 0 | References: 1
EUVD (added 2026/05/22 12:31 a.m., 9 views)

EUVD-2026-31364

For Concrete CMS 9.5.0 and below, the OAuth 2.0 Authorization-Code Handler bypasses account status. A user with uIsActive=0 (suspended, banned, or a terminated employee) can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...

CVSS 2.3 | AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 2
NVD (added 2026/05/21 10:16 p.m., 10 views)

CVE-2026-7887

For Concrete CMS 9.5.0 and below, the OAuth 2.0 Authorization-Code Handler bypasses account status. A user with uIsActive=0 (suspended, banned, or a terminated employee) can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...

CVSS 6.4 | EPSS 0.00037
Exploits: 0 | References: 1
CVE (added 2026/05/21 9:20 p.m., 13 views)

CVE-2026-7887

Summary: CVE-2026-7887 affects Concrete CMS 9.5.0 and earlier. The OAuth 2.0 Authorization-Code Handler does not enforce account status, allowing a user with uIsActive=0 (suspended/banned/terminated) to authenticate and obtain API tokens. What’s affected: Concrete CMS versions prior to 9.5.1 (per...

CVSS 6.4 | AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 1 | Affected Software: 1
ATTACKERKB (added 2026/05/21 9:20 p.m., 3 views)

CVE-2026-7887

For Concrete CMS 9.5.0 and below, the OAuth 2.0 Authorization-Code Handler bypasses account status. A user with uIsActive=0 (suspended, banned, or a terminated employee) can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...

CVSS 2.3 | AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 2 | Affected Software: 1
EUVD (added 2026/04/24 12:31 a.m., 1 view)

EUVD-2026-25334

OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the sessionstatus function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invocations. Attackers can invoke sessionstatus without sandbox constraints to bypass session-policy...

CVSS 5.3 | AI score 5.8 | EPSS 0.00034
Exploits: 0 | References: 4
NVD (added 2026/04/23 10:16 p.m., 0 views)

CVE-2026-41350

OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the sessionstatus function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invocations. Attackers can invoke sessionstatus without sandbox constraints to bypass session-policy...

CVSS 5.3 | EPSS 0.00034
Exploits: 0 | References: 3
Nuclei (added 2026/04/23 11:14 a.m., 9 views)

Ajax Load More < 7.6.1 - Unauthenticated Sensitive Information Exposure

The Ajax Load More – Infinite Scroll plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.6.0.2. The plugin's AJAX endpoint wp_ajax_nopriv_alm_get_posts allows unauthenticated users to access non-public posts: draft, private, pending, future, tras...

CVSS 5.3 | AI score 5.7 | EPSS 0.00559
Exploits: 0 | References: 1
Tenable Nessus (added 2026/04/16 12:00 a.m., 9 views)

nginx 1.27.2 < 1.28.3 / 1.29.x < 1.29.7 OCSP Result Bypass

The installed version of nginx is 1.27.2 prior to 1.28.3, or 1.29.x prior to 1.29.7. It is, therefore, affected by the following issue: NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured wi...

CVSS 5.4 | AI score 5.8 | EPSS 0.00012
Exploits: 0 | References: 3
RedhatCVE (added 2026/04/01 11:01 p.m., 2 views)

CVE-2026-34738

WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and dra...

CVSS 4.3 | AI score 6 | EPSS 0.00011
Exploits: 1 | References: 1
Github Security Blog (added 2026/04/01 9:07 p.m., 5 views)

AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter

Summary: AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and draft workflows. The setStatus method validates the status code again...

CVSS 4.3 | AI score 6.1 | EPSS 0.00011
Exploits: 1 | References: 4 | Affected Software: 1
Nginx (added 2026/03/24 2:13 p.m., 55 views)

OCSP result bypass in stream

OCSP result bypass in stream. Severity: medium. CVE-2026-28755. Not vulnerable: 1.29.7+, 1.28.3+. Vulnerable: 1.27.2-1.29.6...

CVSS 5.4 | AI score 5.8 | EPSS 0.00012
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment (added 2026/03/23 11:58 p.m., 3 views)

CVE-2026-33290 WPGraphQL Repo's updateComment allows low-privileged authenticated users to change comment moderation status (comment_approved) without moderate_comments permission

WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.10.0, an authorization flaw in updateComment allows an authenticated low-privileged user (including a custom role with zero capabilities) to change the moderation status of their own comment, for example to APPROVE, without the...

CVSS 4.3 | AI score 5.8 | EPSS 0.00039
Exploits: 0 | References: 2
NVD (added 2026/02/28 10:16 p.m., 3 views)

CVE-2026-28559

wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that...

CVSS 6.9 | EPSS 0.00069
Exploits: 0 | References: 3
RedhatCVE (added 2026/01/17 9:15 a.m., 16 views)

CVE-2025-14757

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9, only when used in combination with Cost Calculator Builder PRO. This is due to the complete_payment AJAX action being registered via wp_ajax_nopriv,...

CVSS 5.3 | AI score 6.4 | EPSS 0.00043
Exploits: 0 | References: 1
ATTACKERKB (added 2026/01/16 8:38 a.m., 2 views)

CVE-2025-14757

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9, only when used in combination with Cost Calculator Builder PRO. This is due to the complete_payment AJAX action being registered via wp_ajax_nopriv,...

CVSS 5.3 | AI score 5.4 | EPSS 0.00043
Exploits: 0 | References: 5
CVE (added 2026/01/16 8:38 a.m., 14 views)

CVE-2025-14757

CVE-2025-14757 affects Cost Calculator Builder (WordPress) up to version 3.6.9 when used with Cost Calculator Builder PRO. Root cause: the complete_payment AJAX action is registered via wp_ajax_nopriv, allowing unauthenticated access, and the complete() check only validates a nonce, not user capa...

CVSS 5.3 | AI score 6 | EPSS 0.00043
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment (added 2026/01/16 8:38 a.m., 4 views)

CVE-2025-14757 Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9, only when used in combination with Cost Calculator Builder PRO. This is due to the complete_payment AJAX action being registered via wp_ajax_nopriv,...

CVSS 5.3 | AI score 6 | EPSS 0.00043
Exploits: 0 | References: 4
Positive Technologies (added 2026/01/16 12:00 a.m., 4 views)

PT-2026-3234

Name of the Vulnerable Software and Affected Versions: Cost Calculator Builder plugin for WordPress versions prior to 3.7.0. Description: The Cost Calculator Builder plugin for WordPress is susceptible to an unauthenticated payment status bypass. This occurs because the complete_payment AJAX action ...

CVSS 5.3 | AI score 5.3 | EPSS 0.00043
Exploits: 0 | References: 8