10 matches found

CVE
added 4 days ago

CVE-2026-10134

CVE-2026-10134 – Unauthenticated Server-Side RCE in Langflow OSS affects Langflow OSS 1.0.0–1.9.3. The vulnerability arises from a code-injection flaw via the PythonCodeStructuredTool in public flows, allowing an attacker to read secrets, read/modify flows, conversations, messages, files, and sav...

CVSS 10, AI score 5.8, EPSS 0.00314
Exploits 0, References 1, Affected software 1
Positive Technologies
added 2026/06/08 12:0 a.m.

PT-2026-47550

The /api/v1/ route surface trusts the bearer token alone for authorisation on most endpoints. The codebase itself admits this at internal/api/hosts.go:384: "API trusts the bearer token for authorisation; per-CA ownership is enforced only in the Web layer." The Web UI gates state-changing routes...

CVSS 9.9, AI score 5.6
Exploits 0, References 4
Positive Technologies
added 2026/06/08 12:0 a.m.

PT-2026-47621

Name of the Vulnerable Software and Affected Versions: Nebula-Mesh versions prior to 0.3.4. Description: An authorization gap in the /api/v1/ route surface allows non-admin operators to obtain broad cross-tenant access. The API trusts the bearer token for authorization without enforcing ownership...

CVSS 9.9, AI score 5.5, EPSS 0.00024
Exploits 0, References 6
NVD
added 2026/06/01 7:16 p.m.

CVE-2026-22872

Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant...

CVSS 9.1, EPSS 0.0043
Exploits 1, References 2
Vulnrichment
added 2026/06/01 5:42 p.m.

CVE-2026-22872 Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant...

CVSS 8.2, AI score 5.8, EPSS 0.0043
Exploits 1, References 2
Vulnrichment
added 2026/06/01 5:36 p.m.

CVE-2026-41013 Tenant-controlled comma smuggles arbitrary CIFS mount options

Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows a low-privileged CF space developer to inject arbitrary kernel CIFS mount options by bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...

AI score 5.9, EPSS 0.00239
Exploits 0, References 1
CNNVD
added 2026/06/01 12:0 a.m.

Capsule security vulnerability

Capsule is an open-source Kubernetes framework developed by Project Capsule. Versions prior to Capsule 0.13.0 have security vulnerabilities. These vulnerabilities stem from the processing of TenantResource RawItems, which does not set namespaces for cluster-wide resources. This could allow tenant...

CVSS 9.1, AI score 5.4, EPSS 0.0043
Exploits 1, References 2
Github Security Blog
added 2026/05/28 5:2 p.m.

Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability. Summary: The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Tenant administrators can...

CVSS 9.1, AI score 6, EPSS 0.0043
Exploits 1, References 4, Affected software 1
RedhatCVE
added 2026/03/09 8:1 a.m.

CVE-2026-30820

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, Flowise trusts any HTTP client that sets the header x-request-from: internal, allowing an authenticated tenant session to bypass all /api/v1/ authorization checks. With only a browser...

CVSS 8.8, AI score 5.7, EPSS 0.00477
Exploits 1, References 1
PyPA
added 2012/09/05 11:55 p.m.

PYSEC-2012-19

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...

CVSS 5.8, AI score 7.3, EPSS 0.02895
Exploits 1, References 10, Affected software 1