Lucene search
+L

432 matches found

nvd
nvd
added 2 days ago6 views

CVE-2026-45337

Better Auth is an authentication and authorization library for TypeScript. From 1.6.0 until 1.6.11, the deviceAuthorization plugin treats any authenticated session as the owner of any pending device code because GET /device does not claim the row and POST /device/approve and POST /device/deny...

7.6CVSS0.00142EPSS
Exploits0References4
nvd
nvd
added 3 days ago6 views

CVE-2026-15675

A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...

7.5CVSS0.00263EPSS
Exploits0References6
euvd
euvd
added 3 days ago6 views

EUVD-2026-43551

The SCORM lab launch endpoint in Skillable scorm.skillable.com through 2026-07-13 does not validate the client-supplied userId parameter against the authenticated SCORM session token. An authenticated user can substitute arbitrary userId values to bypass per-user lab launch rate limits and consum...

6.3CVSS6.2AI score0.0041EPSS
Exploits1References5
cvelist
cvelist
added 4 days ago35 views

CVE-2026-56877

The SCORM lab launch endpoint in Skillable scorm.skillable.com through 2026-07-13 does not validate the client-supplied userId parameter against the authenticated SCORM session token. An authenticated user can substitute arbitrary userId values to bypass per-user lab launch rate limits and consum...

6.3CVSS0.0041EPSS
Exploits1References2
nvd
nvd
added 4 days ago4 views

CVE-2026-15557

A weakness has been identified in waooAI waoowaoo up to 0.4.1. Affected by this vulnerability is the function getInternalTaskSession/getAuthSession/requireUserAuth/requireProjectAuth/requireProjectAuthLight in the library src/lib/api-auth.ts of the component Internal Task Header Handler. This...

7.5CVSS0.00507EPSS
Exploits0References6
osv
osv
added last week4 views

CVE-2026-55670 ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers

ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original...

2.3CVSS6.1AI score0.00286EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.22 views

PT-2026-56575

Name of the Vulnerable Software and Affected Versions PAN-OS versions 12.1 PAN-OS versions 11.2 PAN-OS versions 11.1 PAN-OS versions 10.2 Prisma Access affected versions not specified Description Multiple buffer overflow issues exist in the User-ID Terminal Server Agent TSA component of PAN-OS an...

10CVSS7.3AI score0.00557EPSS
Exploits0References13
cvelist
cvelist
added 2026/07/01 5:40 p.m.39 views

CVE-2026-46680 containerd user ID handling bypass allows runAsNonRoot evasion

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...

7.3CVSS0.00221EPSS
Exploits1References1
euvd
euvd
added 2026/07/01 4:32 a.m.7 views

EUVD-2026-40906

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.9.1 via the 'userId' parameter due to missing validation on a user controlled key. This makes it possible for...

6.5CVSS5.8AI score0.00275EPSS
Exploits0References8
osv
osv
added 2026/06/30 2:45 p.m.7 views

PSF-2026-32

In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract function...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References8
euvd
euvd
added 2026/06/29 7:0 a.m.7 views

EUVD-2026-40045

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS7AI score0.02706EPSS
Exploits1References6
euvd
euvd
added 2026/06/28 4:30 a.m.9 views

EUVD-2026-39982

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS5.2AI score0.00189EPSS
Exploits0References6
osv
osv
added 2026/06/26 7:41 p.m.4 views

CVE-2026-44731 OpenProject: Improper Access Control on OpenProject through /projects/[projectName]/meetings via "invited_user_id" in GET parameter "filters" leads to user names disclosure

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid account and discloses the user's full name, allowing an attacker to enumerate all existing user account...

4.3CVSS6AI score0.00186EPSS
Exploits0References3
osv
osv
added 2026/06/25 6:8 p.m.2 views

CVE-2026-56772 NewsBlur < 14.5.0 - Insecure Direct Object Reference in Social Interactions Endpoint

NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplying arbitrary userid values to the GET /social/interactions endpoint without ownership verification. Attackers can enumerate userid values to access...

5.3CVSS6AI score0.00204EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/22 11:43 a.m.36 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS0.00362EPSS
Exploits0References16
osv
osv
added 2026/06/22 11:43 a.m.3 views

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS6.1AI score0.00362EPSS
Exploits0References19
cve
cve
added 2026/06/18 4:13 p.m.28 views

CVE-2026-54105

The CVE concerns CVE-2026-54105 affecting the GAO EPDS and CBCA EDS systems. The vulnerability arises from the update-profile/ API endpoint, where a remote, unauthenticated attacker can supply an arbitrary user_id and receive a JSON response containing account-specific information, including the ...

6.9CVSS5.3AI score0.003EPSS
Exploits0References4
euvd
euvd
added 2026/06/18 4:13 p.m.15 views

EUVD-2026-37912

The U.S. Government Accountability Office GAO Electronic Protest Docketing System EPDS and Civilian Board of Contract Appeals CBCA Electronic Docketing System EDS expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a reque...

6.9CVSS5.3AI score0.003EPSS
Exploits0References4
euvd
euvd
added 2026/06/17 6:35 p.m.12 views

EUVD-2025-210214

In overrideConfig of CarrierConfigLoader.java, there is a possible way to bypass UID check due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00077EPSS
Exploits0References2
euvd
euvd
added 2026/06/15 12:0 p.m.9 views

EUVD-2016-10884

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
Rows per page
Query Builder