50179 matches found
CVE-2026-42533
A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable i...
CVE-2026-61684 FastGPT: Unauthenticated cross-tenant data access via forgeable plugin-invoke JWT (default INVOKE_TOKEN_SECRET='token')
FastGPT is a knowledge-based AI application platform. In 4.15.0-beta4, FastGPT plugin invoke reverse-call endpoints under /api/invoke/ authenticate only by verifying a JWT signed with INVOKETOKENSECRET, which defaults to the constant string token and was not set in official deployment templates. ...
CVE-2026-46459 Missing Authorization in ICU Scandinavia Boomerang
ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and write unauthorized data to the sensor database. This issue has been fixed in version 2.4.18.029...
CVE-2026-46458 Credential exposure in ICU Scandinavia Boomerang
ICU Scandinavia Boomerang is vulnerable to an information disclosure flaw where sensitive credential files are exposed via static HTTP. This allows an unauthenticated remote attacker to retrieve plaintext service account and SMTP credentials by requesting specific XML files from the webroot. This...
EUVD-2026-44666
ICU Scandinavia Boomerang is vulnerable to an information disclosure flaw where sensitive credential files are exposed via static HTTP. This allows an unauthenticated remote attacker to retrieve plaintext service account and SMTP credentials by requesting specific XML files from the webroot. This...
CVE-2026-46458
CVE-2026-46458 affects ICU Scandinavia Boomerang. An information-disclosure flaw allows an unauthenticated attacker to retrieve plaintext credentials by requesting specific XML files from the webroot over static HTTP. The root cause is exposure of sensitive credential files via static HTTP paths....
CVE-2026-61436
PraisonAI before 4.6.78 fails to verify Svix webhook signatures in AgentMail webhook mode, allowing unauthenticated attackers to forge message.received events. Attackers can send crafted JSON payloads to the webhook endpoint to invoke configured agents with arbitrary sender addresses and message...
EUVD-2026-44641
PraisonAI before 4.6.78 contains an authentication bypass in the Call API agent invocation endpoints src/praisonai/praisonai/api/agentinvoke.py when PRAISONAICALLAUTH=disabled is configured. The safeguard intended to restrict the disabled-auth opt-out to localhost binding derives the bind host fr...
CVE-2026-57833 Joomla Extension - weeblr.com - Unauthenticated stored XSS in 4Analytics < 5.0.2
The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS in relation to the AI analysis feature...
CVE-2026-57833
The CVE affects the Joomla extension 4Analytics for weeblr.com, with an unauthenticated stored XSS vulnerability in the AI analysis feature present in versions prior to 5.0.2. The underlying issue is a stored XSS in the AI analysis workflow, leading to high impact on confidentiality, integrity, a...
EUVD-2026-44601
The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS in relation to the AI analysis feature...
CVE-2026-57832
The Joomla extension EDocman is vulnerable to an unauthenticated SQL injection...
EUVD-2026-44600
The Joomla extension EDocman is vulnerable to an unauthenticated SQL injection...
CVE-2026-57832
CVE-2026-57832 concerns the Joomla extension EDocman (versions earlier than 3.9) and describes an unauthenticated blind SQL injection. The CVE entry indicates the vulnerability exists in the EDocman component for Joomla and can be exploited without authentication, with network attack vector, no p...
CVE-2026-15583 SSRF (confused deputy) in Grafana MCP Server via X-Grafana-URL header
A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...
CVE-2026-12512
The Quotes llama WordPress plugin before 3.1.6 does not properly sanitize and escape a user-supplied parameter before using it in a SQL query, allowing unauthenticated attackers to perform UNION-based SQL injection and read arbitrary data from the database, including password hashes...
EUVD-2026-44595
The Quotes llama WordPress plugin before 3.1.6 does not properly sanitize and escape a user-supplied parameter before using it in a SQL query, allowing unauthenticated attackers to perform UNION-based SQL injection and read arbitrary data from the database, including password hashes...
WordPress Slider Future <= 1.0.5 - Unauthenticated Arbitrary File Upload
Slider Future WordPress plugin = 1.0.5 contains an unrestricted file upload vulnerability caused by missing file type validation in 'sliderfuturehandleimageupload', letting unauthenticated attackers upload arbitrary files, exploit requires no authentication. id: CVE-2026-1405 info: name: WordPres...
WP Extended < 3.0.0 - Stored Cross-Site Scripting
The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...
Horde Groupware Unauthenticated Admin Access
Horde Groupware contains an administrative account with a blank password, which allows remote attackers to gain access. id: CVE-2005-3344 info: name: Horde Groupware Unauthenticated Admin Access author: pikpikcu severity: critical description: Horde Groupware contains an administrative account wi...