191 matches found
CVE-2026-10864
A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and New Organisations widgets. In some cases, requesting a field set that became empty after validation or redaction could cause th...
CVE-2026-10597 ITPison|OMICARD EDM - Insecure Direct Object Reference
OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...
CVE-2026-10597
OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address...
Kirby CMS's content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions
TL;DR This vulnerability affects all Kirby sites that restrict the visibility of users for certain roles via the users.access or users.list permissions. A site is affected if users of a particular role are not allowed to see other users in the Panel, for example because the role's blueprint sets...
GHSA-39VQ-49QM-R2MC Kirby CMS's content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions
TL;DR This vulnerability affects all Kirby sites that restrict the visibility of users for certain roles via the users.access or users.list permissions. A site is affected if users of a particular role are not allowed to see other users in the Panel, for example because the role's blueprint sets...
CVE-2026-40102
Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...
CVE-2026-40102 Plane: ORM Field Reference Injection via `segment` Parameter in Saved Analytics
Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...
CVE-2026-40102
The CVE concerns Plane, an open-source project management tool. In versions ≤1.3.0, SavedAnalyticEndpoint accepts a user-controlled segment value and forwards it to a Django F() expression without validation, causing ORM Field Reference Injection. An authenticated workspace MEMBER can call GET /a...
EUVD-2026-31199
Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...
NSFW app leak exposes 70,000 prompts linked to individual users
MyLovely.AI, an AI “artwork” generation platform, has reportedly been compromised, affecting 106,362 registered users. The AI girlfriend app allows users to generate personalized NSFW content and engage in real-time conversations with AI-generated personas, often sharing highly personal prompts a...
CVE-2026-31901
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-alpha.8, the email verification endpoint /verificationEmailRequest returns distinct error responses depending on whether an email address belongs to an existing user, ...
PT-2026-27049
Name of the Vulnerable Software and Affected Versions ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress versions up to and including 2.2.12 Description The ReviewX plugin for WordPress is susceptible to exposure of...
CVE-2026-31381
CVE-2026-31381 and related entries describe a Gainsight Assist plugin information-disclosure vulnerability. The core issue is that user email addresses (PII) are exposed in base64-encoded form via the OAuth callback URL’s state parameter. This can allow an attacker to recover emails if the OAuth ...
CVE-2026-2571
The CVE-2026-2571 entry concerns the WordPress Download Manager plugin, affected through version 3.3.49 and earlier. A missing capability check in the reviewUserStatus function allows authenticated users with Subscriber-level access and above to access data of any site user (e.g., email addresses...
curl: Exposed .git/config File Leading to Potential Sensitive Information Disclosure
Summary: The .git/config file is publicly accessible on the target server, which may expose sensitive repository configuration details. This indicates that the .git directory is improperly exposed, potentially allowing attackers to reconstruct the entire source code repository and extract sensiti...
CVE-2026-31901
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-alpha.8, the email verification endpoint /verificationEmailRequest returns distinct error responses depending on whether an email address belongs to an existing user, ...
CVE-2026-31901 Parse Server has user enumeration via email verification endpoint
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-alpha.8, the email verification endpoint /verificationEmailRequest returns distinct error responses depending on whether an email address belongs to an existing user, ...
CVE-2026-31901
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-alpha.8, the email verification endpoint /verificationEmailRequest returns distinct error responses depending on whether an email address belongs to an existing user, ...
CVE-2026-31901 Parse Server has user enumeration via email verification endpoint
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-alpha.8, the email verification endpoint /verificationEmailRequest returns distinct error responses depending on whether an email address belongs to an existing user, ...
CVE-2026-31901
Parse Server has a user-enumeration vulnerability via the email verification endpoint /verificationEmailRequest. Before versions 8.6.34 and 9.6.0-alpha.8, responses differ depending on whether the email belongs to an existing user, is already verified, or does not exist, allowing an attacker to d...