170 matches found
EUVD-2026-35769
LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default and documented configuration, so LSHttpRequest::checkIsAllowedHost results in no operation....
CVE-2026-50635 LimeSurvey Password Reset Host Header Injection Discloses Reset Token
LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default and documented configuration, so LSHttpRequest::checkIsAllowedHost results in no operation....
CVE-2026-50635
LimeSurvey Password Reset Host Header Injection: The system builds password-reset links from the client-supplied Host header without validating it; the default config leaves the allowlist undefined, so LSHttpRequest::checkIsAllowedHost() does nothing. A remote, unauthenticated attacker can reques...
CVE-2026-50635 LimeSurvey Password Reset Host Header Injection Discloses Reset Token
LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default and documented configuration, so LSHttpRequest::checkIsAllowedHost results in no operation....
Amazon Linux 2023 : composer (ALAS2023-2026-1800)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1800 advisory. Github Actions issued GITHUBTOKEN disclosure in GitHub Actions logs CVE-2026-45793 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that...
CVE-2026-45283
A flaw was found in Nextcloud Server. An authenticated user could exploit this vulnerability to lock or unlock files belonging to other users by manipulating WebDAV Web Distributed Authoring and Versioning paths. This issue also led to the disclosure of lock tokens in error responses, potentially...
CVE-2026-45283
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...
CVE-2026-41184
In Calico, the install-cni init container logs the rendered CNI configuration and, when the template uses the SERVICEACCOUNT_TOKEN placeholder (Canal/Flannel-Calico deployments), substitutes the live Kubernetes ServiceAccount bearer token for logging. This exposes the token to any authenticated u...
SUSE-SU-2026:21836-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
SUSE-SU-2026:21850-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
OPENSUSE-SU-2026:20812-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
SUSE-SU-2026:21787-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
SUSE-SU-2026:21871-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
keycloak: Keycloak: Access token disclosure and implicit flow bypass via forged client data
A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect OIDC clients. By manipulating client data during a session restart, an attacker can obtain an access token th...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.4.12 Security Update
New Red Hat build of Keycloak 26.4.12 packages are available from the Customer Portal Red Hat build of Keycloak 26.4.12 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...
UBUNTU-CVE-2026-45793
Github Actions issued GITHUBTOKEN disclosure in GitHub Actions logs...
CVE-2026-45793
Github Actions issued GITHUBTOKEN disclosure in GitHub Actions logs...
GHSA-HQ3P-W4XV-X7VP Keycloak: Access token disclosure and implicit flow bypass via forged client data
A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect OIDC clients. By manipulating client data during a session restart, an attacker can obtain an access token th...
Keycloak: Access token disclosure and implicit flow bypass via forged client data
A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect OIDC clients. By manipulating client data during a session restart, an attacker can obtain an access token th...
CVE-2026-7571 Keycloak: keycloak: access token disclosure and implicit flow bypass via forged client data
A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect OIDC clients. By manipulating client data during a session restart, an attacker can obtain an access token th...