Lucene search
K

317 matches found

Nuclei
Nuclei
added yesterday28 views

LiteLLM - Arbitrary File Read

LiteLLM 1.83.0 contains a broken access control vulnerability caused by lack of admin role enforcement on /config/update endpoint, letting authenticated users modify configurations, execute code, read files, and take over accounts. id: CVE-2026-35029 info: name: LiteLLM - Arbitrary File Read...

8.8CVSS6.2AI score0.26409EPSS
Exploits2References3
Cvelist
Cvelist
added 5 days ago26 views

CVE-2026-58143 Cotonti Siena 0.9.26 CSRF via admin.php Config Update Endpoint

Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes...

8.8CVSS0.00175EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 5:18 p.m.35 views

CVE-2026-57945 PhotoPrism - Unauthorized User Profile Modification via PUT /api/v1/users/{uid} Endpoint

PhotoPrism before 260601-a7d098548 contains a broken access control vulnerability that allows authenticated non-admin users to modify other users' profile information by sending requests to arbitrary user endpoints. Attackers can exploit the missing session-to-user identifier validation in the PU...

5.3CVSS0.0019EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:39 p.m.7 views

CVE-2026-44732

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, OpenProject exposes a document update endpoint used to modify existing documents. The target document is loaded with visibility checks and then updated. During update, attacker-controlled attributes are...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.8 views

PT-2026-52901

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.2 OpenProject versions prior to 17.4.0 Description OpenProject exposes a document update endpoint used to modify existing documents. The system loads the target document with visibility checks, but...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:2 p.m.4 views

GHSA-Q437-G7FV-2JVV Lemur user-update path stores plaintext passwords

Summary lemur.users.service.update writes a user's new password as plaintext to the users.password column. The User model wires bcrypt hashing to SQLAlchemy's beforeinsert event but registers no equivalent listener for beforeupdate, and service.update does not call user.hashpassword after assigni...

4.9CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/25 10:1 p.m.3 views

GHSA-X3VF-MGXJ-7785 Lemur Privilege Escalation: Non-admin role members can rewrite role membership via PUT /api/1/roles/<id>

Summary The PUT /api/1/roles/ handler in lemur/roles/views.py gates only on RoleMemberPermissionroleid.can, which is satisfied for any user who is already a member of the target role. The handler then passes data"users" and data"name" directly to service.update, permitting any role member to...

6.3CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 6:44 p.m.10 views

CVE-2026-47102

A flaw was found in LiteLLM. A user with access to the /user/update endpoint can exploit a privilege escalation vulnerability. By modifying their own userrole to proxyadmin, an attacker can gain full administrative access to LiteLLM, including control over all users, teams, keys, models, and prom...

8.8CVSS6AI score0.00653EPSS
Exploits2References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52655

Name of the Vulnerable Software and Affected Versions Lemur affected versions not specified Description Passwords are stored in plaintext in the users.password column when a user's password is updated. This occurs because the User model only triggers password hashing during the before insert even...

4.9CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2026/06/17 2:9 p.m.5 views

GHSA-F3G7-59QC-PQG6 Open WebUI IDOR: Calendar event re-parenting allows writing events into another user's calendar

Summary POST /api/v1/calendars/events/eventid/update validates that the caller has write access to the calendar the event currently belongs to, but does not validate the destination calendarid supplied in the request body. The model layer then persists the new calendarid unconditionally. A regula...

4.3CVSS5.4AI score0.00179EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.12 views

CVE-2026-36724

An uncaught exception in the /application/job/update/id endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the moduletask:job:update permission to cause a Denial of Service DoS via manipulating the func field of scheduled tasks...

6.5CVSS5.5AI score0.00289EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 7:17 p.m.14 views

CVE-2026-36724

An uncaught exception in the /application/job/update/id endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the moduletask:job:update permission to cause a Denial of Service DoS via manipulating the func field of scheduled tasks...

6.5CVSS0.00289EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.15 views

CVE-2026-11476

A security vulnerability has been detected in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this issue is the function edit-admin of the file controllers/AdminController.php of the component Profile Update Endpoint. The manipulation of the argument...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 12:0 a.m.39 views

CVE-2026-36724

An uncaught exception in the /application/job/update/id endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the moduletask:job:update permission to cause a Denial of Service DoS via manipulating the func field of scheduled tasks...

0.00289EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

FastApiAdmin 资源管理错误漏洞

FastApiAdmin is a full-stack rapid development platform based on FastAPI, developed by fastapiadmin. Version 2.2.0 of FastApiAdmin contains a resource management vulnerability. This vulnerability stems from an unhandled exception in the /application/job/update/id endpoint, which may allow...

6.5CVSS5.3AI score0.00289EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.24 views

PT-2026-48170

An uncaught exception in the /application/job/update/id endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the module task:job:update permission to cause a Denial of Service DoS via manipulating the func field of scheduled tasks...

5.5AI score0.00289EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.30 views

CVE-2026-36724

FastapiAdmin v2.2.0 contains an uncaught exception in the /application/job/update/{id} endpoint. When an authenticated user with the module_task:job:update permission manipulates the func field of scheduled tasks, a DoS can be triggered. The CVE details the vulnerable component and the attack sce...

6.5CVSS5.5AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 3:30 p.m.9 views

CVE-2026-46441 Flowise: Mass Assignment in Assistant Update Endpoint Allows Cross-Workspace Resource Reassignment

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId...

7.6CVSS5.5AI score0.00274EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/08 3:30 p.m.10 views

EUVD-2026-35109

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId...

7.6CVSS5.5AI score0.00274EPSS
Exploits1References2
CVE
CVE
added 2026/06/08 3:29 p.m.34 views

CVE-2026-42863

Summary. FlowiseAI’s Flowise product has a mass-assignment vulnerability in the chatflow update endpoint that lets an authenticated user modify server-controlled fields (deployed, isPublic, workspaceId, createdDate, updatedDate, etc.) and reassign a chatflow to another workspace. The issue stems ...

8.1CVSS5.4AI score0.00268EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder