Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2026/01/07 12:0 a.m.3 views

Tarkov Data Manager SQL注入漏洞

Tarkov Data Manager is a database management tool from The Hideout open source. A SQL injection vulnerability exists in previous versions of Tarkov Data Manager 9bdb3a75a98a7047b6d70144eb1da1655d6992a8, which stems from the presence of blind time-based SQL injection in the webhook editor and...

8.8CVSS7.9AI score0.00051EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/12/11 8:2 a.m.1 views

CVE-2025-12952

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS7.1AI score0.00071EPSS
Exploits0References1
NVD
NVDadded 2025/12/10 8:16 a.m.3 views

CVE-2025-12952

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS0.00071EPSS
Exploits0References1
CVE
CVEadded 2025/12/10 7:11 a.m.8 views

CVE-2025-12952

CVE-2025-12952 describes a privilege-escalation in Google Cloud Dialogflow CX. Investigations across multiple sources indicate that agents with Webhook editor permission could misuse Dialogflow service agent access token authentication to escalate from agent-level to project-level, enabling acces...

8.7CVSS6.8AI score0.00071EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/10 7:11 a.m.26 views

CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS0.00071EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/10 7:11 a.m.2 views

CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS6.8AI score0.00071EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/12/10 12:0 a.m.2 views

Google Cloud Dialogflow CX 安全漏洞

Google Cloud Dialogflow CX is a virtual agent building platform from Google, Inc USA. A security vulnerability exists in Google Cloud Dialogflow CX, which stems from a misconfiguration of the Webhook editor permissions that could lead to elevated privileges...

8.7CVSS6.6AI score0.00071EPSS
Exploits0References2
Rows per page
Query Builder