CVE-2026-44649 SillyTavern: Authentication Bypass via SSO Header Injection
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...
Astra Linux - vulnerability in supervisor
In Supervisor version 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer confirmed that the affected component, inethttpserver, is not enabled by default. However, if the user enables it and does not set a password, Supervisor will log a warning message...
GHSA-QXVM-R42F-5P8J AVideo's Meet plugin: `uploadRecordedVideo.json.php` derives `users_id` from the uploaded filename and calls passwordless `User->login()`, allowing any caller with the Meet shared secret to obtain a session as arbitrary users including admin
Summary Type: Authorization bypass via user-controlled identifier. The Meet plugin's recorded-video upload endpoint plugin/Meet/uploadRecordedVideo.json.php authenticates the caller using a single shared Authorization: Bearer token checked against $objM->secret. Once that check passes, the endpoint reads the...
EUVD-2026-23753
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue where sensitive information in a resource is not removed before reuse. An attacker may log in to the device without knowing the password by sending a crafted packet...
Parse Server has a login timing side-channel that reveals user existence
Impact The login endpoint response time differs measurably depending on whether the submitted username or email exists in the database. When a user is not found, the server responds immediately. When a user exists but the password is wrong, a bcrypt comparison runs first, adding significant...
theshit's Improper Privilege Dropping Allows Local Privilege Escalation via Command Re-execution
Impact Vulnerability Type: Local Privilege Escalation (LPE) / Improper Privilege Management / Arbitrary Command Execution. The application automatically re-executes the previously failed command but does not properly drop elevated privileges during this process. When the tool is executed with sudo ...
CVE-2026-27611 FileBrowser Quantum: Password Protection Not Enforced on Shared File Links
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link i...
CVE-2026-27611
CVE-2026-27611 affects FileBrowser Quantum, a web-based file manager. When sharing password-protected files, the API exposes a direct download link via the share details, allowing anyone with the share link (no password) to download the file. Affected versions are before 1.1.3-stable and 1.2.6-be...
CVE-2025-15586
OGP-Website installs prior to git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which, if exploited, can result in authentication bypass without knowledge of the victim account's password...
CVE-2022-50981
An unauthenticated remote attacker can gain full access to the affected devices, as they are shipped without a password by default and setting one is not enforced...
MiracleLinux 7 : rh-mariadb105-mariadb (AXSA:2022-3124:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3124:01 advisory. mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2154 mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2166 mysq...
CVE-2023-54335
eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...
CVE-2023-54335 eXtplorer <= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)
eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...
PT-2026-25820
Name of the Vulnerable Software and Affected Versions: Glances versions prior to 4.5.2. Description: Glances, an open-source cross-platform system monitoring tool, contains a critical issue in its Central Browser mode. The /api/4/serverslist endpoint returns raw server objects that can contain...
CVE-2025-11084
A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the user's password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period...
EUVD-2017-2248
Malware in sbrugna...
CVE-2025-41689 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access
An unauthenticated remote attacker can gain access to the affected device without password protection. This enables unprotected read-only access to the stored measurement data...
PT-2024-15462 · Mcafee · Skyhigh Client Proxy
Name of the Vulnerable Software and Affected Versions: Skyhigh Client Proxy, affected versions not specified. Description: A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password. Recommendations: At the moment, there is no information about a newer version that...
Palo Alto Networks GlobalProtect Security Vulnerability
Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect that originates from the ability of an unprivileged user to...
SAP Commerce Security Breach
SAP Commerce is a cloud-based e-commerce platform from Germany's SAP. It supports sales management, marketing management, order management, and operations management. A security vulnerability exists in SAP Commerce that originates from a null password that could accept user ID and password...