5 matches found
CVE-2026-41053
CVE-2026-41053 affects Rancher’s GitHub authentication provider, specifically the team membership expansion, where an incorrect authentication caching flaw could grant principal access to any logged-in user. Affected versions are 2.13 prior to 2.13.6 and 2.14 prior to 2.14.2. Root cause: faulty c...
CVE-2026-27383 WordPress Metro theme <= 2.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion. This issue affects Metro: from n/a through <= 2.13...
CVE-2025-15578 Maypole versions from 2.10 through 2.13 for Perl generate session ids insecurely
Maypole versions from 2.10 through 2.13 for Perl generate session ids insecurely. The session id is seeded with the system time which is available from HTTP response headers, a call to the built-in rand function, and the PID...
PT-2024-28165 · Mattermost · Mattermost Mobile
Name of the Vulnerable Software and Affected Versions: Mattermost Mobile app versions 2.13.0 and earlier. Description: The issue allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link, due to the use of a regular expression with polynomial complexi...
TheHive Elevation of Privilege Vulnerability
TheHive is a scalable open source security incident response platform. An elevation of privilege vulnerability exists in the User API in versions of TheHive prior to 2.13.4 and 3.x prior to 3.3.1, which can be exploited by an attacker with read-only or read/write access to escalate privileges to...