Lucene search
K

816 matches found

Nuclei
Nuclei
added yesterday13 views

ownCloud Guests - User Enumeration

ownCloud Guests before 0.12.5 contains an unauthenticated user enumeration vulnerability caused by insufficient validation of the token in showPasswordForm at /apps/guests/register/email/token, letting unauthenticated attackers enumerate valid guest users, exploit requires no authentication. id:...

5.3CVSS5.8AI score0.0085EPSS
Exploits1References3
CVE
CVE
added 2 days ago13 views

CVE-2026-27882

Coolify prior to 4.0.0-beta.461 uses a non-constant-time string comparison (!=) to validate the GitLab webhook secret token, enabling timing-based disclosure of the secret. The issue is fixed in 4.0.0-beta.461. Remediation: upgrade to 4.0.0-beta.461.

4.8CVSS5.8AI score0.00146EPSS
Exploits0References1
OSV
OSV
added 3 days ago5 views

PYSEC-2026-468 PraisonAI Has Authentication Bypass via OAuthManager.validate_token()

Summary OAuthManager.validatetoken returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. Details...

9.1CVSS5.9AI score0.00375EPSS
Exploits1References5
OSV
OSV
added 3 days ago5 views

PYSEC-2026-315 Cobbler Improper Validation of Security Tokens

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API /cobblerapi that can result in Privilege escalation, data manipulation or...

9.8CVSS7.2AI score0.12484EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/23 7:40 p.m.5 views

CVE-2026-12112 Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS5.9AI score0.00146EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 7:40 p.m.32 views

CVE-2026-12112 Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS0.00146EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 3:42 p.m.36 views

CVE-2026-54308 n8n: Missing Token Validation on Microsoft Agent 365 Trigger Node

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger node did not validate that inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to...

6.3CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 3:42 p.m.11 views

CVE-2026-54308

CVE-2026-54308 affects the n8n platform, specifically versions prior to 2.25.7 and 2.26.2. The MicrosoftAgent365Trigger and StripeTrigger nodes did not validate inbound requests, enabling an unauthenticated attacker who knows the webhook URL to submit a forged payload and cause workflow execution...

7.2CVSS5.9AI score0.00276EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/22 1:18 p.m.16 views

CVE-2025-2669

CVE-2025-2669 affects IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data (versions 4.8, 5.0, 5.1, 5.2, 5.3). The root cause is improper token validation, enabling a privileged user to perform operations and access sensitive information outside their authority. The available sou...

6.5CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/06/22 1:18 p.m.31 views

CVE-2025-2669 Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation...

6CVSS0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 1:18 p.m.7 views

EUVD-2025-210299

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation...

6CVSS5.8AI score0.00197EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/18 5:22 p.m.9 views

@acastellon/auth: Authentication bypass via spoofable headers in validateToken()

@acastellon/auth v2.2.0 appears to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for auth-user: service-brother when req.get'host'.startsWithgetHostName. Both...

8.7CVSS5.5AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/18 3:32 p.m.3 views

GHSA-WCPR-6G7X-P44R googleapis/mcp-toolbox: authentication bypass vulnerability in the generic opaque token validation path (validateOpaqueToken)

An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When the toolbox validates an opaque token via an OAuth 2.0 introspection endpoint RFC 7662, it decodes the response into an introspectResp struct. However, the...

9.3CVSS5.9AI score0.00204EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 3:32 p.m.3 views

GHSA-8FCC-W5HV-4GXV googleapis/mcp-toolbox: authentication bypass vulnerability in the generic opaque token validation path (validateOpaqueToken)

An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When verifying an unparsed opaque token via an OAuth 2.0 introspection endpoint RFC 7662, the toolbox decodes the response into an introspectResp struct where t...

9.3CVSS6AI score0.00195EPSS
Exploits0References3
NVD
NVD
added 2026/06/18 2:17 p.m.12 views

CVE-2026-11718

An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When the toolbox validates an opaque token via an OAuth 2.0 introspection endpoint RFC 7662, it decodes the response into an introspectResp struct. However, the...

9.3CVSS0.00204EPSS
Exploits0References1
OSV
OSV
added 2026/06/18 1:52 p.m.4 views

GHSA-WXG7-W2V3-W38G ZITADEL: Missing Token Lifecyle Validation (`exp` and `iat`) in JWT IdP Provider

Summary Two closely related token lifecycle validation vulnerabilities were discovered in ZITADEL's external JWT Identity Provider IdP implementation. Specifically, within the validation pipeline: Missing Expiration exp Enforcement: If an incoming JWT omits the exp claim entirely, the expiration...

4.2CVSS5.6AI score
Exploits0References5
CVE
CVE
added 2026/06/18 11:52 a.m.30 views

CVE-2026-11718

The CVE-2026-11718 entry concerns an authentication bypass in googleapis/mcp-toolbox: during opaque-token validation via an OAuth 2.0 introspection endpoint, the code decodes the response and checks issuer with the condition a.issuer != "" && iss != "". If the introspection response omits iss, is...

9.3CVSS5.4AI score0.00204EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:52 a.m.9 views

CVE-2026-11718

An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When the toolbox validates an opaque token via an OAuth 2.0 introspection endpoint RFC 7662, it decodes the response into an introspectResp struct. However, the...

9.3CVSS5.3AI score0.00204EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/18 6:5 a.m.20 views

CVE-2026-55742

Cotonti 1.0.0 (master, commit f43f1fc3) is vulnerable to CSRF in system/admin/admin.rights.php while performing the update action (a=update). The code path updates group access rights (including via cot_auth_add_group) without calling cot_check_xg() to validate an anti-CSRF token. A remote attack...

9.6CVSS5.8AI score0.00227EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.14 views

PT-2026-50660

Name of the Vulnerable Software and Affected Versions googleapis/mcp-toolbox affected versions not specified Description An authentication bypass exists in the generic opaque token validation path validateOpaqueToken. When validating an opaque token via an OAuth 2.0 introspection endpoint, the...

9.3CVSS5.8AI score0.00204EPSS
Exploits0References9
Rows per page
Query Builder