Lucene search
+L

185 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-11889

SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...

7.1CVSS0.00192EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-11889 SALTO ProAccess Space Authorization Bypass Through User-Controlled Key

SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...

7.1CVSS0.00192EPSS
Exploits0References2
CVE
CVE
added 3 days ago11 views

CVE-2026-11889

CVE-2026-11889 concerns SALTO ProAccess Space software with the tenancy/partition feature. The issue enables privilege escalation that could let an authenticated attacker access any space managed by the affected installation. Exploitation requires valid authenticated operator credentials and the ...

7.1CVSS6.1AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-45039

SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...

7.1CVSS6.1AI score0.00192EPSS
Exploits0References2
NVD
NVD
added 4 days ago10 views

CVE-2026-54052

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.56.1, in HTTP mode with multi-tenancy enabled through ENABLEMULTITENANT=true, n8n-mcp's local workflow version history backups were not isolated per tenant, allowing an...

9.9CVSS0.00389EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 9:16 p.m.8 views

CVE-2026-57230

OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and analytics API in enterprise editions with multi-tenancy enabled built ClickHouse queries by inserting user input into the query string, including two positions that took input without escaping, allowing an...

5.4CVSS0.00207EPSS
Exploits0References4
CVE
CVE
added 2026/07/10 8:47 p.m.11 views

CVE-2026-57230

OpenReplay (self-hosted session replay) prior to 1.27.0 is affected by an authenticated SQL injection in the session search and analytics API for enterprise editions with multi-tenancy enabled. The vulnerability arises from building ClickHouse queries by inserting user input into the query string...

5.4CVSS6.1AI score0.00207EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/10 8:47 p.m.33 views

CVE-2026-57230 OpenReplay: Authenticated ClickHouse SQL injection via session search

OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and analytics API in enterprise editions with multi-tenancy enabled built ClickHouse queries by inserting user input into the query string, including two positions that took input without escaping, allowing an...

5.4CVSS0.00207EPSS
Exploits0References4
OSV
OSV
added 2026/07/10 8:47 p.m.3 views

CVE-2026-57230 OpenReplay: Authenticated ClickHouse SQL injection via session search

OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and analytics API in enterprise editions with multi-tenancy enabled built ClickHouse queries by inserting user input into the query string, including two positions that took input without escaping, allowing an...

5.4CVSS6.1AI score0.00207EPSS
Exploits0References6
CVE
CVE
added 2026/07/04 12:49 p.m.20 views

CVE-2025-13475

Technical details about CVE-2025-13475 are not publicly available in the provided documents. Monitor for updates.

7.3CVSS5.9AI score0.00158EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/04 12:49 p.m.9 views

CVE-2025-13475

In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. Consent granted by a user for a specific SaaS application within one tenant can be incorrectly applied to SaaS applications with the same name in other tenants,...

3.5CVSS5.9AI score0.00158EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/06/26 8:55 p.m.43 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
OSV
OSV
added 2026/06/26 8:55 p.m.7 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS6.1AI score0.00386EPSS
Exploits1References3
OSV
OSV
added 2026/06/25 12:27 a.m.3 views

MGASA-2026-0232 Updated nats-server packages fix security vulnerabilities

nats-server and its dependencies are updated to fix CVE-2025-30215 Missing access controls for JS API in multi-tenancy...

9.6CVSS5.8AI score0.00583EPSS
Exploits0References3
Mageia
Mageia
added 2026/06/25 12:27 a.m.9 views

Updated nats-server packages fix security vulnerabilities

nats-server and its dependencies are updated to fix CVE-2025-30215 Missing access controls for JS API in multi-tenancy...

9.6CVSS5.8AI score0.00583EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/23 11:12 p.m.13 views

Snipe-IT API Vulnerable to Cross-Tenant Accessory Injection

Impact A cross-tenant data injection vulnerability was identified in the Snipe-IT Accessories API when Full Multiple Companies Support FMCS is enabled. A low-privileged authenticated user belonging to one company can create an accessory record under another company by supplying a foreign companyi...

8.5CVSS5.8AI score0.00389EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51642

Name of the Vulnerable Software and Affected Versions Snipe-IT affected versions not specified Description An authorization bypass exists in the BulkAssetsController::update function. The system accepts the company id variable directly from user input without utilizing the standard company-scopin...

6.3CVSS5.9AI score
Exploits0References5
OSV
OSV
added 2026/06/18 1:7 p.m.6 views

GHSA-6X8V-2FQ5-2229 ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers

Summary A flaw in the user lifecycle enforcement allowed deleted users to retain their original organization/tenant association. Recreating a deleted user under a distinct organization can cause the new user instance to be incorrectly provisioned within the original organization if the previous I...

2.3CVSS5.5AI score0.00286EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.20 views

PT-2026-50739

Name of the Vulnerable Software and Affected Versions ZITADEL versions 4.0.0 through 4.15.1 ZITADEL versions 3.0.0 through 3.4.11 Description A flaw in user lifecycle enforcement allows deleted users to retain their original organization or tenant association. When a user is deleted, the historic...

2.3CVSS5.9AI score0.00286EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/15 9:55 p.m.8 views

CVE-2026-48599 Authorization bypass via path binding override in elixir-grpc/grpc HTTP transcoding

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In...

7.6CVSS5.3AI score0.00273EPSS
Exploits0References4
Rows per page
Query Builder