Lucene search
K

293 matches found

OSV
OSV
added 2026/05/14 1:13 p.m.44 views

GHSA-FFG9-J72F-J6XM Fleet Windows MDM Azure AD JWT Authentication Bypass

Summary A vulnerability in Fleet's Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. Because Fleet validates JWT signatures using Microsoft's multi-tenant JWKS endpoint but does not enforce the aud audience or iss issuer claims, any Microsoft-signed...

8.2CVSS5.8AI score0.00381EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.21 views

PT-2026-40969

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.82.0 Description A flaw in the Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. The software validates JWT JSON Web Token signatures using Microsoft's multi-tenant JWKS...

8.2CVSS5.8AI score0.00381EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017610 advisory. The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action...

7.5CVSS6.8AI score0.04808EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2026/04/24 12:0 a.m.89 views

📄 Open WebUI 0.8.11 Information Disclosure

A potential access control issue was identified in Open WebUI where the Tools API and associated “valves” endpoints may expose sensitive configuration data when accessed with valid authentication tokens. The affected endpoints allow retrieval of tool metadata and configuration structures that may...

5.4AI score
Exploits0
Patchstack
Patchstack
added 2026/04/16 9:5 a.m.9 views

WordPress Barcode Scanner (+Mobile App) plugin <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability

Unauthenticated Privilege Escalation via Insecure Token Authentication vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Barcode Scanner with Inventory & Order Manager versions = 1.11.0...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/04/16 12:16 a.m.7 views

CVE-2026-4880

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS0.00503EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

WordPress plugin Barcode Scanner 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 11:25 p.m.10 views

CVE-2026-4880

The CVE concerns the WordPress plugin Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS, affected up to version 1.11.0. The root cause is insecure token-based authentication where the plugin trusts a user-supplied Base64-encoded user ID in the token parameter to ide...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/15 11:25 p.m.39 views

CVE-2026-4880 Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthenticated Privilege Escalation via Insecure Token Authentication

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS0.00503EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/15 11:25 p.m.11 views

CVE-2026-4880

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/15 7:19 p.m.9 views

Data Sharing Framework has an Inverted Time Comparison in OIDC JWKS and Token Cache

Affected Components - DSF FHIR Server with enabled bearer-token authentication or back-channel logout. - DSF BPE Server with enabled bearer-token authentication or back-channel logout. - DSF BPE Server API v2 process plugins using FHIR client connections with configured OIDC authentication. Summa...

6.3CVSS5.8AI score0.00291EPSS
Exploits0References5Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33185

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References4
PyPA
PyPA
added 2026/04/13 3:17 p.m.15 views

PYSEC-2026-8

Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...

7.5CVSS5.8AI score0.00439EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.5 views

PT-2026-32366

Name of the Vulnerable Software and Affected Versions Airflow versions prior to 3.2.0 Description Lack of clarity regarding the responsibilities of the Deployment Manager in ensuring secure deployments. Certain assumptions about the security model, workload isolation, and JWT authentication were...

7.5CVSS5.7AI score0.00439EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2026/04/12 5:15 a.m.152 views

Exploit for Path Traversal in Gogs

CVE-2025-8110-Authenticated-Remote-Code-Execution-on-Gogs-v0.1...

8.8CVSS6.4AI score0.7654EPSS
Exploits16
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.5 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.25 contained security vulnerabilities. These vulnerabilities stemmed from improper access control in the HTTP /sessions/:sessionKey/kill route. As a result, any user with a toke...

8.1CVSS5.8AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/03 10:54 p.m.16 views

CVE-2026-34953 PraisonAI: Authentication Bypass in OAuthManager.validate_token()

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validatetoken returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access t...

9.1CVSS0.00375EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-34531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to...

8.2CVSS6AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/02 11:26 p.m.7 views

SUSE CVE-2026-34531

Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to a token protected resource without passing a token, or passing an empty token, Flask-HTTPAuth would invoke the application's token...

8.2CVSS5.7AI score0.00324EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/01 11:9 p.m.9 views

Parser Server's streaming file download bypasses afterFind file trigger authorization

Impact File downloads via HTTP Range requests bypass the afterFindParse.File trigger and its validators on storage adapters that support streaming e.g. the default GridFS adapter. This allows access to files that should be protected by afterFind trigger authorization logic or built-in validators...

8.2CVSS5.9AI score0.00378EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder