Lucene search
K

108 matches found

Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.13 views

PT-2026-42799

Name of the Vulnerable Software and Affected Versions Mattermost version 11.6.0 Mattermost version 11.5.3 Mattermost version 11.4.4 Mattermost version 10.11.14 Description An issue exists where the software fails to validate the OAuth token scope during the callback process. This allows an...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References9
OSV
OSV
added 2026/05/21 8:34 p.m.8 views

GHSA-M5QG-RVJQ-727P NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

Summary The OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited the full permissions of the underlying user across all routes; the...

2CVSS5.8AI score0.00151EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/21 8:34 p.m.20 views

NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

Summary The OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited the full permissions of the underlying user across all routes; the...

2CVSS5.8AI score0.00151EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/05/21 8:34 p.m.10 views

NPM: NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

NPM: NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8AI score0.00151EPSS
Exploits0References2Affected Software1
FreeBSD
FreeBSD
added 2026/05/20 12:0 a.m.16 views

gitea -- multiple vulnerabilities

The Gitea team reports: CVE-2026-27783: incorrect read permission check CVE-2026-25714: public-only token filtering bypass CVE-2026-20706: missing token scope checking CVE-2026-27771: unauthenticated access to private container images CVE-2026-28744: git smart HTTP request scope bug CVE-2026-2869...

9.8CVSS6.1AI score0.40738EPSS
Exploits7References2
FreeBSD
FreeBSD
added 2026/05/13 12:0 a.m.21 views

Gitlab -- vulnerabilities

Gitlab reports: Cross-site Scripting issue in Analytics dashboard chart rendering impacts GitLab EE Cross-site Scripting issue in global search impacts GitLab CE/EE Cross-site Scripting issue in Duo Agent output rendering impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts...

8.7CVSS5.9AI score0.00355EPSS
Exploits1References1
NVD
NVD
added 2026/04/10 5:17 p.m.5 views

CVE-2026-40103

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's scoped API token enforcement for custom project background routes is method-confused. A token with only projects.background can successfully delete a project background, while a token with only...

5.4CVSS0.00222EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/10 4:12 p.m.2 views

CVE-2026-40103 Vikunja's Scoped API tokens with projects.background permission can delete project backgrounds

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's scoped API token enforcement for custom project background routes is method-confused. A token with only projects.background can successfully delete a project background, while a token with only...

4.3CVSS5.8AI score0.00222EPSS
Exploits1References4
OSV
OSV
added 2026/03/31 10:51 p.m.7 views

GHSA-3X2W-63FP-3QVW SciTokens has an Authorization Bypass via Path Traversal in Scope Validation

Summary The Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library normalizes both the authorized path from the token and the requested path from the...

8.1CVSS5.9AI score0.00516EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/03/31 10:51 p.m.6 views

SciTokens has an Authorization Bypass via Path Traversal in Scope Validation

Summary The Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library normalizes both the authorized path from the token and the requested path from the...

8.1CVSS5.9AI score0.00516EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/31 10:51 p.m.6 views

SciTokens has an Authorization Bypass via Incorrect Scope Path Prefix Checking

Summary The Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the same prefix e.g., /johnathan, /johnny, which is an Authorization Bypass. Details File:...

8.1CVSS5.9AI score0.00389EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/31 6:16 p.m.4 views

UBUNTU-CVE-2026-32726

SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass in path-based scope validation. The enforcer used a simple string-prefix comparison when checking whether a requested resource path was...

8.1CVSS5.7AI score0.00272EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/31 8:12 a.m.6 views

CVE-2026-32727

A flaw was found in SciTokens. A remote attacker can exploit this path traversal vulnerability by using "dot-dot" .. in the scope claim of a token. This allows the attacker to bypass intended directory restrictions, potentially leading to unauthorized access to files and directories outside of th...

8.1CVSS5.9AI score0.00516EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/31 3:10 a.m.3 views

Improper Authorization

Overview scitokens is a SciToken reference implementation library Affected versions of this package are vulnerable to Improper Authorization via the validatescp and validatescope functions. An attacker can gain unauthorized access to sibling paths by crafting tokens with scope paths that share a...

8.6CVSS5.9AI score0.00389EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.10 views

scitokens 安全漏洞

Scitokens is an open-source science computing token library developed by SciTokens. Versions of Scitokens prior to 1.4.1 contained security vulnerabilities. These vulnerabilities stemmed from the executor’s use of a simple string comparison when checking whether the resource path in a request was...

8.1CVSS5.8AI score0.00272EPSS
Exploits1References2
Veracode
Veracode
added 2026/03/18 7:0 a.m.8 views

Improper Access Control

code.gitea.io/gitea is vulnerable to improper access control. The vulnerability is due to incorrect handling of API tokens with scopes limited to public resources, which allows an attacker to access private resources using a token that should only permit access to public data...

5.3CVSS7.3AI score0.00238EPSS
Exploits0References5Affected Software4
Veracode
Veracode
added 2026/03/18 6:21 a.m.7 views

Improper Access Control

code.gitea.io/gitea is vulnerable to improper access control. The vulnerability is due to incorrect propagation of token scope within its package registry access control, which allows an attacker to gain unauthorized access to package resources by misusing improperly scoped tokens...

5.3CVSS7.3AI score0.00253EPSS
Exploits0References5Affected Software4
CVE
CVE
added 2026/03/10 6:56 p.m.14 views

CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/05 7:20 p.m.28 views

CVE-2026-21621 Improper Scope Enforcement in OAuth client_credentials Flow Allows Read-Only API Key to Escalate to Full Access

Incorrect Authorization vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.API.OAuthController' module allows Privilege Escalation. An API key created with read-only permissions domain: "api", resource: "read" can be escalated to full write access under specific conditions. When exchanging a...

7CVSS0.00323EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.10 views

NRF security vulnerabilities

nrf is a network repository feature module developed by free5GC. Version 1.4.0 of nrf contains a security vulnerability. This vulnerability stems from theAccessTokenScopeCheck function, which bypasses all scope verifications when using a specially crafted targetNF value, potentially allowing acce...

9.1CVSS5.8AI score0.00307EPSS
Exploits1References3
Rows per page
Query Builder