32 matches found

CNNVD
added 2026/04/09 12:00 a.m. | 4 views

passport authorization vulnerability

Passport is a Node.js authentication middleware developed by Jared Hanson, an independent developer in the United States. Versions of Passport prior to 13.0.0 and 13.7.1 had an authorization vulnerability. This vulnerability stemmed from a client-credentials token authentication process, which could...

CVSS 7.1 | AI score 5.8 | EPSS 0.00112
Exploits 1 | References 5
RedhatCVE
added 2026/04/06 10:57 a.m. | 2 views

CVE-2026-34953

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access t...

CVSS 9.1 | AI score 6 | EPSS 0.00021
Exploits 1 | References 1
Github Security Blog
added 2026/04/01 11:29 p.m. | 4 views

PraisonAI Has Authentication Bypass via OAuthManager.validate_token()

Summary: OAuthManager.validate_token returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. Details...

CVSS 9.1 | AI score 6 | EPSS 0.00021
Exploits 1 | References 3 | Affected software 1
Vulnrichment
added 2026/03/19 1:00 a.m. | 3 views

CVE-2026-31997 OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

CVSS 6 | AI score 6 | EPSS 0.00009
Exploits 0 | References 2
RedhatCVE
added 2026/03/17 1:28 p.m. | 1 view

CVE-2025-69196

A flaw was found in FastMCP, a framework for building MCP applications. The server does not correctly process the resource parameter provided by the client during authorization and token requests. This can lead to security tokens being issued for an unintended base URL (Uniform Resource Locator)...

CVSS 7.4 | AI score 5.7 | EPSS 0.00022
Exploits 1 | References 4
Github Security Blog
added 2026/03/16 9:16 p.m. | 5 views

File Upload(RCE) Vulnerability in admidio

Summary: A critical unrestricted file upload vulnerability exists in the Documents & Files module of Admidio. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file...

CVSS 8.8 | AI score 6.2 | EPSS 0.00051
Exploits 1 | References 4 | Affected software 1
Positive Technologies
added 2026/01/10 12:00 a.m. | 2 views

PT-2026-2217

Name of the Vulnerable Software and Affected Versions: Ghost versions 5.121.0 through 5.130.5; Ghost versions 6.0.0 through 6.10.3. Description: Ghost is a Node.js content management system. A flaw in how Ghost manages Staff Token authentication permitted access to endpoints intended only for Staff...

CVSS 8.1 | AI score 6.5 | EPSS 0.00038
Exploits 0 | References 11
SUSE CVE
added 2025/11/09 12:24 a.m. | 1 view

SUSE CVE-2025-58073

Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify that a user has permission to join a Mattermost team using the original invite token, which allows any attacker to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...

CVSS 8.1 | AI score 6.9 | EPSS 0.00049
Exploits 0 | References 2
CNNVD
added 2025/10/30 12:00 a.m. | 3 views

AutoBizLine 2nd Line Android App security vulnerability

AutoBizLine 2nd Line Android App is a mobile messaging application from AutoBizLine, Inc. A security vulnerability exists in AutoBizLine 2nd Line Android App v1.2.92 and earlier versions, which stems from improper access control in the authentication mechanism, where the server only validates the...

CVSS 7.5 | AI score 6.7 | EPSS 0.00062
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-0670

Malware in sbrugna...

CVSS 8.8 | AI score 6.8 | EPSS 0.0042
Exploits 0 | References 7
EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2022-27478

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6 | EPSS 0.00238
Exploits 0 | References 2
EUVD
added 2025/10/03 8:07 p.m. | 1 view

EUVD-2021-32162

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.006
Exploits 0 | References 2
NVD
added 2025/09/17 9:15 p.m. | 3 views

CVE-2025-10644

Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVSS 9.4 | EPSS 0.01558
Exploits 0 | References 1
Tenable Nessus
added 2025/09/10 12:00 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2024-51488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens...

CVSS 5.4 | AI score 5.5 | EPSS 0.00111
Exploits 1 | References 2
Vulnrichment
added 2025/07/11 5:33 p.m. | 3 views

CVE-2025-53642 haxcms-nodejs and haxcms-php Improperly Terminate Sessions

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6...

CVSS 4.8 | AI score 7.1 | EPSS 0.00164
Exploits 0 | References 1
CNNVD
added 2025/06/01 12:00 a.m. | 1 view

Mist security vulnerability

Mist is an open source multi-cloud management platform from Mist, Inc. in the United States. Mist has a security vulnerability that originates from improper access control in the function createtoken in the file src/mist/api/auth/views.py...

CVSS 9.8 | AI score 7.4 | EPSS 0.00637
Exploits 1 | References 8
RedHat Linux
added 2024/09/03 4:51 p.m. | 3 views

krb5: GSS message token handling

A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application. This occurs when the attacker alters the token data during transmission, which can lead to improper...

CVSS 9.1 | AI score 7.2 | EPSS 0.02606
Exploits 0 | References 6
RedHat Linux
added 2024/08/13 3:32 p.m. | 3 views

krb5: GSS message token handling

A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application. This occurs when the attacker alters the token data during transmission, which can lead to improper...

CVSS 7.5 | AI score 7.2 | EPSS 0.00545
Exploits 0 | References 5
OSV
added 2024/05/07 11:15 p.m. | 1 view

CVE-2022-43654

NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30S routers. Authentication is not required to exploit this vulnerability. The specific flaw exists with...

CVSS 8.8 | AI score 6.2
Exploits 0 | References 2
The Hacker News
added 2023/04/21 12:13 p.m. | 2 views

GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform

Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim's Google account. Dubbed GhostToken by Israeli cybersecurity startup Astrix Security,...

AI score 6.8
Exploits 0