42 matches found
CVE-2026-58656
Grav API plugin before v1.0.0-rc.16: accepts JWT tokens via the ?token= URL query parameter and replies with Access-Control-Allow-Origin: *, enabling unauthenticated cross-origin API requests. This can allow attackers who obtain a leaked JWT from logs/history to create persistent backdoor super-a...
CVE-2026-58656 Grav API Plugin - Cross-Origin Admin Account Takeover via CORS Wildcard and JWT Query Parameter
Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...
CVE-2026-56277
Flowise before 3.1.2 sets Access-Control-Allow-Origin to a hardcoded wildcard on its text-to-speech TTS generation endpoint packages/server/src/controllers/text-to-speech/index.ts, independent of the server's configured CORS policy. This bypasses the server's otherwise restrictive default CORS...
CVE-2025-71381
Hono before 4.10.2 fixed in 4.10.3 contains a flaw in its CORS middleware: when the origin is not set to "", the middleware copies the Vary header from the incoming request into the response. Because Vary is a response header that should be managed by the server, an attacker can supply arbitrary...
CVE-2025-71381 Hono - Vary Header Injection in CORS Middleware
Hono before 4.10.2 fixed in 4.10.3 contains a flaw in its CORS middleware: when the origin is not set to "", the middleware copies the Vary header from the incoming request into the response. Because Vary is a response header that should be managed by the server, an attacker can supply arbitrary...
CVE-2026-46608
CVE-2026-46608 concerns Glances XML-RPC server (glances -s) where a multi-origin CORS configuration intended to restrict browser access silently falls back to a wildcard when cors_origins has two or more entries. The issue arises from server-side logic that sets Access-Control-Allow-Origin to the...
CVE-2026-46608
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server glances -s introduced a configurable CORS origin list in version 4.5.3 as a mitigation for CVE-2026-33533. However, the implementation silently falls back to Access-Control-Allow-Origin:...
CVE-2026-46608 Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533)
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server glances -s introduced a configurable CORS origin list in version 4.5.3 as a mitigation for CVE-2026-33533. However, the implementation silently falls back to Access-Control-Allow-Origin:...
CVE-2026-56076 PraisonAI - Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI Endpoint
PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: headers, combined with Starlette's...
CVE-2026-48989 Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS
Windows-MCP is an open-source project that integrates AI agents with Windows. In versions prior to 0.7.5, certain HTTP modes exposed the MCP control plane without authentication while enabling wildcard CORS alloworigins=, allowmethods=, allowheaders=. Because the same server also exposed a...
GHSA-88FW-HQM2-52QC hono: CORS Middleware reflects any Origin with credentials when `origin` defaults to the wildcard
Summary With credentials: true and no explicit origin the default wildcard, the CORS Middleware reflects the request's Origin and sends Access-Control-Allow-Credentials: true. Any site can then make credentialed cross-origin requests and read the responses, exposing cookie-authenticated endpoints...
hono: CORS Middleware reflects any Origin with credentials when `origin` defaults to the wildcard
Summary With credentials: true and no explicit origin the default wildcard, the CORS Middleware reflects the request's Origin and sends Access-Control-Allow-Credentials: true. Any site can then make credentialed cross-origin requests and read the responses, exposing cookie-authenticated endpoints...
PT-2026-49737
Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.25 Description The CORS Middleware reflects the request Origin and sends Access-Control-Allow-Credentials: true when credentials: true is enabled and no explicit origin is defined defaulting to the wildcard. This...
EUVD-2026-32003
GitLab MCP Server lets an AI agent talk directly to GitLab. Prior to 0.6.0, the HTTP transport in src/transport.ts ships with no authentication layer at all and a wildcard Access-Control-Allow-Origin: on every response. The structural defect is that the SSE server stands up a stateful,...
CVE-2026-46431 Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, the SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard regardless of the caller's Origin. Because EventSource does not preflight and does not send cookies, the wildcard is sufficient ...
CVE-2026-46431
CVE-2026-46431 affects Algernonβs SSE event server prior to version 1.17.7, where Access-Control-Allow-Origin was hardcoded to β*β. This allowed cross-origin EventSource connections to read the live filename stream, compromising confidentiality. The issue is fixed in 1.17.7; upgrading to that ver...
CVE-2026-46431 Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, the SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard regardless of the caller's Origin. Because EventSource does not preflight and does not send cookies, the wildcard is sufficient ...
GHSA-VRXG-GM77-7Q5G Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS
HTTP transports expose unauthenticated PowerShell control with wildcard CORS There is an issue in the SSE and Streamable HTTP transport modes. The default stdio mode is not affected, but the documented HTTP modes expose the MCP control plane without authentication and add wildcard CORS handling...
Flowise: Hardcoded CORS wildcard on TTS endpoint enables cross-origin credential abuse from any webpage
Summary The TTS generation endpoint sets Access-Control-Allow-Origin: as a hardcoded response header, independent of the server's CORS configuration. This enables any webpage to make cross-origin requests to generate speech using stored credentials. Root Cause typescript //...
GHSA-9V4J-7G44-QCQW Algernon: Auto-refresh SSE event server binds to all interfaces with Access-Control-Allow-Origin: * and no authentication
Summary When auto-refresh is enabled, Algernon spins up an SSE handler that streams a data: line for every filesystem event under the watched directory. The handler performs no authentication of any kind β no shared token, no cookie check against the permissions2 userstate, no IP allow-list, no...