Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

208 matches found

AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the timeout of a call that has not yet been granted a channel. The afsmakecall function calls rxrpc.kernelbegincall to initiate a call which may get stalled in the background while waiting for a connection to become...

5.3AI score0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/11 12:0 a.m.12 views

PT-2026-48750

Unauthenticated Broken Authentication in Booknetic = 4.8.5 versions...

8.1CVSS5.2AI score0.00322EPSS
Exploits0References3
Fedora
Fedoraadded 2026/05/24 12:51 a.m.16 views

[SECURITY] Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43

pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...

5.5CVSS5.8AI score0.00182EPSS
Exploits0
Fedora
Fedoraadded 2026/05/10 2:55 a.m.33 views

[SECURITY] Fedora 44 Update: python-pulp-glue-0.37.0-5.fc44

pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...

5.5CVSS5.8AI score0.00182EPSS
Exploits0
GithubExploit
GithubExploitadded 2026/05/07 12:59 a.m.102 views

Exploit for Missing Authorization in N8N

GHSA-f77h-j2v7-g6mw — n8n Unauthenticated Chat Execution Hijac...

6.5CVSS6AI score0.00383EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2026/05/06 8:22 p.m.12 views

CVE-2026-42228

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...

6.5CVSS6AI score0.00383EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/05/04 8:21 p.m.6 views

CVE-2026-6449

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References1
NVD
NVDadded 2026/05/04 7:16 p.m.25 views

CVE-2026-42228

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...

6.5CVSS0.00383EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/04 6:27 p.m.4 views

CVE-2026-42228

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...

6.3CVSS6AI score0.00383EPSS
Exploits1References2Affected Software1
EUVD
EUVDadded 2026/05/04 6:27 p.m.33 views

EUVD-2026-27096

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...

6.3CVSS6AI score0.00383EPSS
Exploits1References1
CVE
CVEadded 2026/05/04 6:27 p.m.23 views

CVE-2026-42228

n8n (open source workflow automation) has a vulnerability in the /chat WebSocket endpoint used by the Chat Trigger node’s Hosted Chat feature. The issue: an unauthenticated attacker could attach to a workflow execution in a waiting state without verifying authorization, receive the pending prompt...

6.5CVSS6AI score0.00383EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/04 6:27 p.m.8 views

CVE-2026-42228 n8n: Hijacking of Unauthenticated Chat Execution

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...

6.3CVSS6AI score0.00383EPSS
Exploits1References1
NVD
NVDadded 2026/05/02 8:16 a.m.3 views

CVE-2026-6449

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS0.00458EPSS
Exploits0References8
CVE
CVEadded 2026/05/02 7:46 a.m.13 views

CVE-2026-6449

The CVE-2026-6449 entry concerns the Booking for Appointments and Events Calendar – Amelia WordPress plugin, vulnerable in all versions up to 2.1.2. The flaw is an improper authorization flow caused by a logical short-circuit in the authorization logic that skips token validation when a booking h...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/02 7:46 a.m.4 views

CVE-2026-6449

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2026/05/02 7:46 a.m.5 views

CVE-2026-6449 Booking for Appointments and Events Calendar – Amelia <= 2.1.2 - Unauthenticated Authorization Bypass via Remote Approval Endpoint

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/05/02 7:46 a.m.34 views

CVE-2026-6449 Booking for Appointments and Events Calendar – Amelia <= 2.1.2 - Unauthenticated Authorization Bypass via Remote Approval Endpoint

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS0.00458EPSS
Exploits0References8
EUVD
EUVDadded 2026/05/02 7:46 a.m.5 views

EUVD-2026-26758

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/02 12:0 a.m.7 views

PT-2026-36591

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References9
Snyk
Snykadded 2026/04/29 9:17 p.m.4 views

Missing Authorization

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Missing Authorization via the /chat WebSocket endpoint when authentication is set to None and a workflow execution is in a waiting state. An attacker can gain unauthorized access to workflow...

6.5CVSS6AI score0.00383EPSS
Exploits1References2
Rows per page
Query Builder