Lucene search
K

34 matches found

NVD
NVD
added 2026/07/08 2:17 p.m.8 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/11 1:28 p.m.14 views

Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token

Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token | Field | Value | | ---------------- | ----- | | Repository | pipeboard-co/meta-ads-mcp | | Affected version | ≤ 1.0.101 commit 496c988 7d14226; Versions 1.0.102–1.0.105 lack git tags, so patch status is unconfirmed. | |...

5.8AI score0.0013EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.19 views

PT-2026-46994

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description The password-reset page renders the URL token directly into a JavaScript string literal within a server-rendered EJS template. Because EJS HTML-entity-encodes only a fixed set of characters and...

5.1CVSS6AI score0.00262EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.15 views

CVE-2026-44883

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bearer tokens passed...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/28 8:59 p.m.13 views

EUVD-2026-33059

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bearer tokens passed...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.12 views

LiteLLM SQL注入漏洞

LiteLLM is an open-source application developed by Berri AI. It allows for the use of OpenAI format calls for all LLM APIs. In versions 1.81.16 to 1.83.7 of LiteLLM, there was a SQL injection vulnerability. This vulnerability stemmed from the use of database queries during the check of the proxy...

9.8CVSS6.1AI score0.86607EPSS
Exploits7References1
OSV
OSV
added 2026/05/07 12:5 a.m.4 views

GHSA-PGF8-2HGJ-GRQG Vercel: Non-interactive mode includes CLI arguments in suggested command output

Summary When the Vercel CLI runs in non-interactive mode --non-interactive or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/07 12:5 a.m.10 views

Vercel: Non-interactive mode includes CLI arguments in suggested command output

Summary When the Vercel CLI runs in non-interactive mode --non-interactive or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/16 11:36 p.m.4 views

BIT-AUTHENTIK-2025-52553 authentik has Insufficient Session verification for Remote Access Control endpoint access

authentik is an open-source identity provider. After authorizing access to a RAC endpoint, authentik creates a token which is used for a single connection and is sent to the client in the URL. This token is intended to only be valid for the session of the user who authorized the connection, howev...

9.6CVSS5.6AI score0.00405EPSS
Exploits0References5
OSV
OSV
added 2026/03/27 5:21 p.m.4 views

GHSA-453R-G2PG-CXXQ Local Incus UI web server vulnerable to nuthentication bypass

Summary The web server spawned by incus webui incorrectly validates the authentication token such that an invalid value will be accepted. Details incus webui runs a local web server on a random localhost port. For authentication, it provides the user with a URL containing an authentication token...

8.8CVSS6AI score0.00347EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by incus webui incorrectly validates the authentication...

8.8CVSS5.9AI score0.00347EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/26 8:40 p.m.5 views

CVE-2026-33620 PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.7.8 through v0.8.3 accepted the API token from a token URL query parameter in addition to the Authorization header. When a valid API credential is sent in the URL, it can be exposed through...

4.3CVSS5.9AI score0.00273EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/26 8:40 p.m.2 views

CVE-2026-33620

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.7.8 through v0.8.3 accepted the API token from a token URL query parameter in addition to the Authorization header. When a valid API credential is sent in the URL, it can be exposed through...

4.3CVSS5.8AI score0.00273EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/24 7:33 p.m.5 views

PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems

Summary PinchTab v0.7.8 through v0.8.3 accepted the API token from a token URL query parameter in addition to the Authorization header. When a valid API credential is sent in the URL, it can be exposed through request URIs recorded by intermediaries or client-side tooling, such as reverse proxy...

4.3CVSS5.8AI score0.00273EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/10 4:40 p.m.34 views

CVE-2026-30941 Parse Server has a NoSQL injection via token type in password reset and email verification endpoints

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.14 and 9.5.2-alpha.1, NoSQL injection vulnerability allows an unauthenticated attacker to inject MongoDB query operators via the token field in the password reset and email...

8.7CVSS0.00455EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/16 2:23 p.m.7 views

CVE-2026-22644

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access...

7.5CVSS7.1AI score0.00478EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/15 1:14 p.m.8 views

EUVD-2026-2798

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access...

5.3CVSS6.6AI score0.00478EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/01/15 1:14 p.m.25 views

CVE-2026-22644

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access...

5.3CVSS0.00478EPSS
Exploits0References6
CVE
CVE
added 2026/01/15 1:14 p.m.13 views

CVE-2026-22644

Technical details (affected products, components, versions, root cause, exploit status) are not publicly provided in the connected documents. Monitor updates from Red Hat, CIRCL, NVD and others for confirmed remediation and impact.

7.5CVSS6.7AI score0.00478EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/15 1:14 p.m.5 views

CVE-2026-22644

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access...

5.3CVSS6.7AI score0.00478EPSS
Exploits0References6
Rows per page
Query Builder