Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.13 views

CVE-2026-11440

A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/projectId/default-branch of the component REST API. This manipulation of the argument project.defaultBranch causes improper authorization. It is possible to initiate the attack...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/06/06 6:16 p.m.11 views

CVE-2026-11441

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS0.00214EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/06 5:45 p.m.32 views

CVE-2026-11441 theonedev Pull Request issues canAccessIssue improper authorization

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/06 5:45 p.m.8 views

CVE-2026-11441 theonedev Pull Request issues canAccessIssue improper authorization

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/06 5:45 p.m.34 views

CVE-2026-11441

The CVE-2026-11441 affects Theonedev Onedev (up to 15.0.5) specifically the Pull Request Handler’s canAccessIssue function in the /issues/ path. The issue arises from manipulation of the issue argument, causing improper authorization. Exploitation is possible remotely. A fix is available in versi...

6.5CVSS5.2AI score0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/06 5:30 p.m.29 views

CVE-2026-11440

The CVE-2026-11440 entry pertained to The Onedev onedev up to version 15.0.5. It involves the REST API path /repositories/{projectId}/default-branch where manipulating the project.defaultBranch argument leads to improper authorization. The issue could be exploited remotely. A fix is available in ...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/06 5:15 p.m.9 views

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS6.1AI score0.00214EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/06 5:15 p.m.12 views

EUVD-2026-34974

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

6.5CVSS5AI score0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/06 5:0 p.m.28 views

CVE-2026-11438

The CVE-2026-11438 affects Theonedev Onedev up to version 15.0.5, where the vulnerability arises from improper authorization in the /projects functionality. Specifically, manipulating the argument project.forkedFromId can enable an unauthorized action, with remote attack potential. The issue is m...

6.5CVSS6.2AI score0.00214EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.12 views

PT-2026-47165

Name of the Vulnerable Software and Affected Versions Onedev versions prior to 15.0.6 Description Improper authorization exists in the Pull Request Handler component within the /issues/ file. Specifically, the canAccessIssue function fails to properly validate the issue argument, allowing a remot...

6.5CVSS6.6AI score0.00214EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.10 views

PT-2026-47164

Name of the Vulnerable Software and Affected Versions onedev versions prior to 15.0.6 Description Improper authorization exists in the REST API component. A remote attacker can manipulate the project.defaultBranch argument within the '/repositories/projectId/default-branch' endpoint to bypass...

6.5CVSS6.6AI score0.00214EPSS
Exploits0References9
Rows per page
Query Builder