79061 matches found

ATTACKERKB | added 2 days ago | 4 views

CVE-2026-54430

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

CVSS 5.1 | AI score 5.8 | EPSS 0.00121
Exploits: 0 | References: 4
NVD | added 2 days ago | 6 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith('https://ci.eclipse.org') in is_issuer_known, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

CVSS 8.2 | EPSS 0.00321
Exploits: 0 | References: 1
Nuclei | added 2 days ago | 23 views

WordPress AI Engine Plugin - Token Exposure

Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...

CVSS 9.8 | AI score 7.3 | EPSS 0.75063
Exploits: 5 | References: 2
Nuclei | added 2 days ago | 53 views

D-Link D-View 8 v2.0.1.28 - Authentication Bypass

Use of a static key to protect a JWT token used in user authentication can allow for an authentication bypass in D-Link D-View 8 v2.0.1.28 id: CVE-2023-5074 info: name: D-Link D-View 8 v2.0.1.28 - Authentication Bypass author: DhiyaneshDK severity: critical description: | Use of a static key t...

CVSS 9.8 | AI score 7 | EPSS 0.67914
Exploits: 1 | References: 4
Nuclei | added 2 days ago | 66 views

Flowise <= 3.0.5 - Account Takeover

Flowise versions 3.0.5 and earlier had a vulnerability in the forgot-password endpoint, which returned valid reset tokens without authentication, allowing attackers to reset passwords and take over accounts. id: CVE-2025-58434 info: name: Flowise <= 3.0.5 - Account Takeover author:...

CVSS 9.8 | AI score 6.8 | EPSS 0.50118
Exploits: 14 | References: 2
Cvelist | added 2 days ago | 33 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith('https://ci.eclipse.org') in is_issuer_known, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

CVSS 8.2 | EPSS 0.00321
Exploits: 0 | References: 1
CVE | added 2 days ago | 5 views

CVE-2026-14336

The connected documents confirm CVE-2026-14336 affects PIA's OIDC issuer allowlist for Jenkins tokens. The issue is a faulty host-bounded URL validation: issuer.startswith('https://ci.eclipse.org') is used in is_issuer_known (pia/models.py:139) instead of properly validating the issuer as a hos...

CVSS 8.2 | AI score 6 | EPSS 0.00321
Exploits: 0 | References: 1
RedhatCVE | added 2 days ago | 7 views

CVE-2026-13323

A flaw was found in Open VSX Registry. The /vscode/unpkg/ endpoint serves user-supplied HTML files with a Content-Type of text/html without Content-Security-Policy or Content-Disposition: attachment response headers. An attacker with a registered publisher account can upload a VSIX containing a...

CVSS 5.4 | AI score 5.6 | EPSS 0.00169
Exploits: 0 | References: 5
RedHat Linux | added 2 days ago | 5 views

jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression

A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This...

CVSS 7.5 | AI score 6.9 | EPSS 0.00244
Exploits: 1 | References: 5
EUVD | added 3 days ago | 54 views

EUVD-2026-32710

Keycloak has privilege escalation via improper scope mapping enforcement...

CVSS 7.3 | AI score 5.8 | EPSS 0.00292
Exploits: 0 | References: 12
ATTACKERKB | added 3 days ago | 3 views

CVE-2026-14340

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App installation to perform certain write operations on public repositories outside the token's intended scope. This was possible because the authorization...

CVSS 5.3 | AI score 5.8 | EPSS 0.00284
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist | added 3 days ago | 30 views

CVE-2026-14340 An incorrect authorization vulnerability in GitHub Enterprise Server allows issue creation in unrelated public repositories

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App installation to perform certain write operations on public repositories outside the token's intended scope. This was possible because the authorization...

CVSS 5.3 | EPSS 0.00284
Exploits: 0 | References: 6
CVE | added 3 days ago | 7 views

CVE-2026-14340

GitHub Enterprise Server (GitHub ES) suffers an incorrect authorization vulnerability (CVE-2026-14340) where a user-to-server token scoped to a GitHub App installation could perform write operations on public repositories outside the token's scope. The root cause is an authorization check that on...

CVSS 5.3 | AI score 5.8 | EPSS 0.00284
Exploits: 0 | References: 6
EUVD | added 3 days ago | 6 views

EUVD-2026-41145

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App installation to perform certain write operations on public repositories outside the token's intended scope. This was possible because the authorization...

CVSS 5.3 | AI score 5.8 | EPSS 0.00284
Exploits: 0 | References: 6
NVD | added 3 days ago | 6 views

CVE-2026-50160

Hoppscotch is an API development ecosystem. In self-hosted deployments of hoppscotch-backend from version 2026.4.1 and earlier, the unauthenticated POST /v1/onboarding/config endpoint is vulnerable to mass assignment. The global NestJS ValidationPipe is configured without whitelist: true, so extr...

CVSS 10 | EPSS 0.0059
Exploits: 1 | References: 3
Cvelist | added 3 days ago | 33 views

CVE-2026-50160 Mass Assignment via Onboarding Endpoint Allows Unauthenticated JWT_SECRET Overwrite

Hoppscotch is an API development ecosystem. In self-hosted deployments of hoppscotch-backend from version 2026.4.1 and earlier, the unauthenticated POST /v1/onboarding/config endpoint is vulnerable to mass assignment. The global NestJS ValidationPipe is configured without whitelist: true, so extr...

CVSS 10 | EPSS 0.0059
Exploits: 1 | References: 2
CVE | added 3 days ago | 19 views

CVE-2026-50160

Hoppscotch self-hosted deployments (Hoppscotch-backend

CVSS 10 | AI score 6.1 | EPSS 0.0059
Exploits: 1 | References: 3 | Affected Software: 1
RedHat Linux | added 3 days ago | 4 views

python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

CVSS 7.4 | AI score 5.8 | EPSS 0.00394
Exploits: 1 | References: 5
NVD | added 3 days ago | 7 views

CVE-2026-58399

@acastellon/auth is an authentication control system for microservices. Versions prior to 2.3.0 appear to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for...

CVSS 8.7 | EPSS 0.00543
Exploits: 0 | References: 3
CVE | added 3 days ago | 12 views

CVE-2026-58399

The CVE affects @acastellon/auth (authentication control for microservices). Versions

CVSS 8.7 | AI score 5.8 | EPSS 0.00543
Exploits: 0 | References: 3