Lucene search
+L

80168 matches found

CVE
CVE
added 9 hours ago5 views

CVE-2026-16222

CVE-2026-16222 affects 1Panel-dev CordysCRM up to version 1.4.1. The vulnerability involves server-side request forgery caused by manipulating the mkAddress argument in the TokenService.java file under the Third Party Endpoint (backend/crm/src/main/java/cn/cordys/crm/integration/sso/service/Token...

6.5CVSS6.2AI score
Exploits0References8
NVD
NVD
added 12 hours ago8 views

CVE-2026-16206

A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function loadidtoken of the file oauth2provider/oauth2validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the...

6.5CVSS
Exploits0References7
Nuclei
Nuclei
added 13 hours ago14 views

Apache Kafka Client - Arbitrary File Read

Apache Kafka Client contains arbitrary file read and server-side request forgery caused by untrusted configuration of sasl.oauthbearer.token.endpoint.url and sasl.oauthbearer.jwks.endpoint.url, letting attackers read files or send requests to unintended locations, exploit requires untrusted party...

7.5CVSS7.5AI score0.63637EPSS
Exploits2References2
Nuclei
Nuclei
added 13 hours ago18 views

OneDev < 4.0.3 - User Access Token Leak

OneDev before version 4.0.3 contains an insecure endpoint that allows retrieval of arbitrary user details, including access tokens, due to missing security checks on /users/id, letting attackers leak sensitive data and impersonate users, exploit requires no special conditions. id: CVE-2021-21246...

8.6CVSS7.5AI score0.49051EPSS
Exploits0References4
Nuclei
Nuclei
added 13 hours ago12 views

SiYuan <= 3.6.5 - Unauthenticated Path Traversal

SiYuan = 3.6.5 contains a path traversal via double URL-encoding in the /assets/ route publish mode port 6808, allowing unauthenticated attackers to read arbitrary files inside WorkspaceDir including conf/conf.json which exposes the API token and access auth code. id: CVE-2026-54066 info: name:...

7.5CVSS5.4AI score0.01892EPSS
Exploits0References1
Nuclei
Nuclei
added 13 hours ago19 views

Dgraph <= 25.3.2 - Admin Token Disclosure

Dgraph = 25.3.2 contains an information disclosure caused by unauthenticated access to the /debug/vars endpoint , which publishes the cmdline variable including the --security token= flag, letting unauthenticated remote attackers retrieve the admin token and access admin-only endpoints, exploit...

9.8CVSS5.3AI score0.02187EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago31 views

WP Directory Kit <= 1.4.4 - Authentication Bypass

The WP Directory Kit plugin for WordPress version 1.4.4 and below contains an authentication bypass vulnerability in its auto-login functionality. The vulnerability allows unauthenticated attackers to gain administrative access by exploiting a cryptographically weak token generation mechanism tha...

10CVSS7.6AI score0.0472EPSS
Exploits3References4
Nuclei
Nuclei
added 13 hours ago35 views

RestroPress 3.0.0-3.2.1 - Authentication Bypass

RestroPress Online Food Ordering System WordPress plugin 3.0.0 to 3.1.9.2 contains an authentication bypass caused by exposure of user private tokens and API data via /wp-json/wp/v2/users endpoint, letting unauthenticated attackers forge JWT tokens and authenticate as other users including...

9.8CVSS8.3AI score0.02196EPSS
Exploits6References2
Nuclei
Nuclei
added 13 hours ago33 views

ownCloud Guests - User Enumeration

ownCloud Guests before 0.12.5 contains an unauthenticated user enumeration vulnerability caused by insufficient validation of the token in showPasswordForm at /apps/guests/register/email/token, letting unauthenticated attackers enumerate valid guest users, exploit requires no authentication. id:...

5.3CVSS5.2AI score0.00908EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago174 views

Cisco IOS XE WLC - Arbitrary File Upload

A vulnerability in the Out-of-Band Access Point AP Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.This vulnerability is due to the presence of a hard-coded JSON Web...

10CVSS8.5AI score0.17894EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago14 views

FUXA <= 1.2.7 - Hardcoded JWT Secret Authentication Bypass

FUXA v1.2.7 contains a hardcoded credentials vulnerability caused by use of a hard-coded secret key in server/api/jwt-helper.js, letting remote attackers forge admin tokens and bypass authentication, exploit requires no special conditions. id: CVE-2025-69971 info: name: FUXA = 1.2.7 - Hardcoded J...

9.8CVSS5.3AI score0.02036EPSS
Exploits0References3
Nuclei
Nuclei
added 13 hours ago78 views

CasaOS < 0.4.4 - Authentication Bypass via Random JWT Token

CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as root on CasaOS instances. This problem was addressed by improving the validation of JWTs in commit 705bf1f...

9.8CVSS9AI score0.06789EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago22 views

Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure

The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuratio...

10CVSS5.2AI score0.01842EPSS
Exploits0References3
Cvelist
Cvelist
added 13 hours ago12 views

CVE-2026-16206 django-oauth django-oauth-toolkit oauth2_validators.py _load_id_token session expiration

A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function loadidtoken of the file oauth2provider/oauth2validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the...

6.5CVSS
Exploits0References7
CVE
CVE
added 13 hours ago11 views

CVE-2026-16206

Affected software: django-oauth-toolkit 3.3.0. Root cause: manipulation in the function _load_id_token within oauth2_provider/oauth2_validators.py. Impact as stated: session expiration. Attack can be initiated remotely over the network. Status of remediation: not provided in the connected documen...

6.5CVSS6.2AI score
Exploits0References7
EUVD
EUVD
added 13 hours ago8 views

EUVD-2026-45417

A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function loadidtoken of the file oauth2provider/oauth2validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the...

6.5CVSS6.2AI score
Exploits0References7
EUVD
EUVD
added 15 hours ago11 views

EUVD-2026-45405

QueryWeaver contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain valid session tokens for existing accounts by submitting a signup request with a known victim email address. The signup route unconditionally creates and links a new token to the matching...

8.8CVSS5.4AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 16 hours ago8 views

PT-2026-61040

A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function load id token of the file oauth2 provider/oauth2 validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of th...

6.5CVSS6.2AI score
Exploits0References7
Cvelist
Cvelist
added yesterday29 views

CVE-2026-10130 QueryWeaver Authentication Bypass via Email Signup Token Issuance for Existing Accounts

QueryWeaver contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain valid session tokens for existing accounts by submitting a signup request with a known victim email address. The signup route unconditionally creates and links a new token to the matching...

8.8CVSS
Exploits0References3
CVE
CVE
added yesterday13 views

CVE-2026-10130

QueryWeaver (CVE-2026-10130) contains an authentication bypass where the signup route unconditionally creates and links a new token to the victim Identity via a Cypher MERGE before verifying email ownership, enabling unauthenticated attackers to obtain valid session tokens for existing accounts a...

8.8CVSS5.5AI score
Exploits0References3
Rows per page
Query Builder