4 matches found
CVE-2026-12799
A flaw was found in BerriAI litellm. A remote attacker could exploit an improper authorization vulnerability in the uiviewusers function to gain access to sensitive information. This issue is related to an incomplete fix for a previous vulnerability. Mitigation To reduce exposure, restrict networ...
CVE-2026-12799
The CVE-2026-12799 entry concerns BerriAI litellm up to version 1.82.2. The vulnerability affects the function ui_view_users in litellm/proxy/management_endpoints/internal_user_endpoints.py (component: Incomplete Fix CVE-2025-0628) and enables improper authorization. The issue can be exploited re...
Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects
Impact What kind of vulnerability is it? Who is impacted? A user with permissions to view Dynamic Group records extras.viewdynamicgroup permission can use the Dynamic Group detail UI view /extras/dynamic-groups// and/or the members REST API view /api/extras/dynamic-groups//members/ to list the...
Description of the security update for SharePoint Server 2019: December 14, 2021 (KB5002054)
Description of the security update for SharePoint Server 2019: December 14, 2021 KB5002054 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities, see t...