1621 matches found
Purchase Order Management v1.0 - Cross Site Scripting (Reflected)
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...
Jenkins build-metrics 1.3 - Cross-Site Scripting
Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides. id: CVE-2019-10475 info: name: Jenkins build-metrics 1.3 - Cross-Site Scripting author: madrobot severity...
MAL-2026-10232 Malicious code in salesforce-vscode-slds (npm)
The salesforce-vscode-slds package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a...
CVE-2026-56666
ZITADEL before v4.15.3 permits auto-linking by email without confirming IdP ownership of the email. The external IdP handler validates the local email but not that the IdP confirms ownership, enabling linking a permissive provider account to a victim’s local account. This vulnerability is address...
CVE-2026-55604
DeepSeek MCP Server (DeepSeek V4) is vulnerable from v1.4.2 up to, but not including, v1.7.0. The issue stems from a process-global SessionStore that accepts caller-supplied session_id values without binding them to any authenticated principal or transport session. An attacker can enumerate activ...
CVE-2026-55604 @arikusi/deepseek-mcp-server has an Authorization Bypass Through User-Controlled Key
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...
CVE-2026-54783
CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF WS-Security endorsing and supporting signature verification does not ensure the selected ds:Signature covers the expected Security header target, allowing an attacker with...
CVE-2026-60104 Bitwarden Server < 2026.6.0 Authorization Bypass via Admin Auth Request
Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the authenticated caller, allowing a low-privileged organization member to obtain another user's vault key and a victim-scoped access token by creating a Trusted Device Encryptio...
CVE-2026-60104
Bitwarden Server before 2026.6.0 is vulnerable to an authorization bypass in the admin/auth request flow. A low-privileged organization member can exploit a mismatch in the POST /auth-requests/admin-request handling to bind a Trusted Device Encryption request to an attacker-controlled public key,...
EUVD-2026-42257
n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow where authenticated users can inject malicious JavaScript URLs into OAuth2 credential Authorization URL fields. Attackers can craft malicious credentials and trick victims into clicking the OAuth...
CVE-2026-55438
Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, subdomain-based proxy would bypass the same-owner CORS check when a workspace-name segment parsed as a UUID. The workspace could be resolved by ID with...
Langflow Authorization Bypass Through User-Controlled Key Vulnerability
Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request...
Malicious code in box-react-uix (npm)
The box-react-uix package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a 'box' internal...
Malicious code in enbd-react-lib (npm)
The enbd-react-lib package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization an 'enbd' interna...
Malicious code in @flex-ng/filter-pipe (npm)
The @flex-ng/filter-pipe package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization the @flex-n...
Malicious code in @flex-ng/header-component (npm)
The @flex-ng/header-component package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization the...
MAL-2026-10237 Malicious code in tme-xca-react (npm)
The tme-xca-react package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a 'tme' internal...
CVE-2026-9180
The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...
EUVD-2026-41492
The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...
CVE-2026-9180
MotoPress Appointment Booking for WordPress (versions up to 2.4.4) is vulnerable to an Authorization Bypass via a user-controlled booking_id. The REST endpoint POST /motopress/appointment/v1/bookings is registered with a permissive permission_callback (return_true ), and createBooking() loads the...