Lucene search
K
VulnrichmentRecent

161427 matches found

Vulnrichment
Vulnrichment
added 2026/06/30 8:17 p.m.6 views

CVE-2025-36327 Vulnerabilities found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security...

6.5CVSS5.8AI score0.0036EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:16 p.m.5 views

CVE-2025-36328 Error Message Containing Sensitive Information found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS5.8AI score0.00367EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:15 p.m.5 views

CVE-2025-36333 Vulnerabilities found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:12 p.m.4 views

CVE-2025-36336 Transmission of Sensitive Information found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS5.8AI score0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:11 p.m.7 views

CVE-2025-36359 IBM DevOps Loop is susceptible to an Insufficient Session Expiration vulnerability.

IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system...

8.1CVSS5.8AI score0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:3 p.m.6 views

CVE-2025-36372 IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could disclose sensitive information to an authenticated user from the monitoring and event tables...

5.5CVSS5.7AI score0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:2 p.m.6 views

CVE-2026-10109 IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling...

9.8CVSS6.4AI score0.0086EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:59 p.m.5 views

CVE-2026-10129 SSRF via HTTP Redirect Following in Langflow API Request Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges flow author role can bypass SSRF protections by enabling the followredirects parameter and supplying a...

8.5CVSS5.8AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:56 p.m.3 views

CVE-2026-10134 Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows

IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process, read and modify every flow, conversation, message, file upload, and saved component in the Langflow database, can connect to internal services, abuse cloud metadata endpoints, laterally...

10CVSS5.8AI score0.00314EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:55 p.m.5 views

CVE-2026-10140 Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials,...

9.6CVSS5.8AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:54 p.m.5 views

CVE-2026-10546 DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:53 p.m.5 views

CVE-2026-10560 Unauthenticated Access to Private Flow Build Events and Cancellation in Langflow OSS

IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/buildpublictmp/ endpoints that allows an unauthenticated attacker to read build event data or cancel jobs using a valid job identifier, resulting in information disclosure and denial of service...

8.2CVSS5.8AI score0.00272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:51 p.m.5 views

CVE-2026-10564 SSRF Vulnerability in Langflow OSS Legacy Components Bypasses Protection

IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery SSRF. The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...

8.2CVSS5.8AI score0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:51 p.m.6 views

CVE-2026-11546 IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:50 p.m.5 views

CVE-2026-11595 IBM WebSphere Application Server is affected by a Path Traversal vulnerability

IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system...

4.3CVSS5.8AI score0.00474EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:47 p.m.6 views

CVE-2026-11708 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:45 p.m.6 views

CVE-2026-11712 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:44 p.m.6 views

CVE-2026-11714 IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled...

8.5CVSS5.8AI score0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:43 p.m.5 views

CVE-2026-11806 IBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerability

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...

7.2CVSS5.9AI score0.00472EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:42 p.m.6 views

CVE-2026-11906 IBM® Db2® federated server is vulnerable to a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns by autheticated user

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns...

6.5CVSS5.8AI score0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:39 p.m.5 views

CVE-2026-12084 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Permissive Cross-domain Security Policy with Untrusted Domains

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

5.4CVSS5.8AI score0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:38 p.m.4 views

CVE-2026-12085 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptable to an Insertion of Sensitive Information Into Sent Data vulnerability

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attack...

6.5CVSS5.7AI score0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:36 p.m.6 views

CVE-2026-12086 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Insertion of Sensitive Information into Log File Vulnerability

IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 stores potentially sensitive information in log files that could be read by a local user...

6.2CVSS5.8AI score0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:32 p.m.6 views

CVE-2026-13449 XXE attack in IBM Business Automation Manager Open Editions

IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

7.6CVSS5.8AI score0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:24 p.m.6 views

CVE-2026-13759 IBM WebSphere eXtreme Scale is affected by Insecure Deserilization

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships three ObjectInputStream subclasses WsObjectInputStream, ObjectStreamPool$ReusableInputStream, ObjectInputStreamResolver that install no JEP-290 class filter; when Coherence is on the classpath, multiple RCE gadget chains including...

7.5CVSS6.2AI score0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:21 p.m.5 views

CVE-2026-13772 IBM WebSphere eXtreme Scale's OQL is affected by remote code execution

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 's Object Query Language engine resolves attacker-supplied class names via Class.forName and invokes their constructors with no allow-list at three distinct sinks SELECT NEW, enum literals, and reflection-based comparators; an authenticated remo...

7.5CVSS6.1AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:20 p.m.7 views

CVE-2026-13773 IBM WebSphere eXtreme Scale is affected by server side request forgery when ORB is used as Transport Protocol

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 Approximately 50 generated CORBA stub classes in WebSphere eXtreme Scale's ogclient.jar call ORB.stringtoobject on an attacker-controlled IOR string during Java deserialization, turning any unfiltered ObjectInputStream sink in WAS into outbound...

6CVSS6.4AI score0.03415EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:19 p.m.8 views

CVE-2026-3602 IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

4.7CVSS5.9AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:16 p.m.7 views

CVE-2026-7663 Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass

IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.1CVSS5.8AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:15 p.m.8 views

CVE-2026-7803 Flow Validation Bypass via Empty Component Type Field

IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow nodes with missing or empty component type fields...

9.8CVSS6.4AI score0.00357EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:14 p.m.6 views

CVE-2026-7871 Insecure Deserialization in Redis Cache Backend

IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity...

9.8CVSS6.1AI score0.00386EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:13 p.m.5 views

CVE-2026-7873 Code Injection Vulnerability in Code Validation Endpoint

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read sensitive files including credentials, enabling complete system compromise and lateral movement...

9.9CVSS6AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:11 p.m.8 views

CVE-2026-7874 Weak Cryptographic Key Derivation Exposed All Stored Credentials

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all stored credentials due to the use of a weak and reversible key derivation mechanism for encryption at rest...

9.1CVSS5.8AI score0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:8 p.m.5 views

CVE-2026-9002 IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5CVSS5.8AI score0.00269EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 7:4 p.m.6 views

CVE-2026-9836 IBM DataStage Flow Designer application is affected by an information disclosure vulnerability

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

3.5CVSS5.8AI score0.00241EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:44 p.m.3 views

CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/30 6:32 p.m.4 views

CVE-2026-10513 Webmention <= 5.8.0 - Unauthenticated Stored Cross-Site Scripting via MF2 'photo'/'url' Author Properties

The Webmention plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.8.0 via parser-derived 'avatar' and 'url' author metadata. This is due to insufficient input sanitization and output escaping on user-supplied MF2 author properties processed by the...

7.2CVSS5.9AI score0.00236EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 4:33 p.m.7 views

CVE-2026-10655 Use-after-free race in SNTP async client when closing the socket while the socket service is still polling it

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:29 p.m.8 views

CVE-2026-10654 RFCOMM session-disconnect race leaks session/L2CAP and denies further RFCOMM service in Zephyr Bluetooth Classic

A race condition in the Zephyr Bluetooth Classic RFCOMM host stack subsys/bluetooth/host/classic/rfcomm.c mishandles a simultaneous bidirectional session disconnect. When the local device has initiated a session teardown state BTRFCOMMSTATEDISCONNECTING, DISC sent, RTX timer armed and the connect...

3.1CVSS5.8AI score0.00128EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:21 p.m.7 views

CVE-2026-8864 HP Fan Control App – Potential Escalation of Privilege

The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...

7.3CVSS5.7AI score0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 4:20 p.m.7 views

CVE-2026-10653 Non-atomic `net_buf` reference counts cause double-free / free-list corruption under concurrent unref

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

6.4CVSS6AI score0.00237EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:1 p.m.7 views

CVE-2026-9263 Out-of-bounds read in Bluetooth Controller ISOAL framed RX reassembly leaks adjacent memory into host HCI ISO packets

The Zephyr Bluetooth controller ISO Adaptation Layer subsys/bluetooth/controller/llsw/isoal.c fails to validate the length field of a framed ISO PDU start segment. Per the Bluetooth specification a start segment sc=0 always carries a 3-byte timeoffset, so its segment-header len must be at least...

6.5CVSS6AI score0.00201EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:1 p.m.9 views

CVE-2026-49451 Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing

The OpenAPI.NET SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. From 2.0.0-preview11 until 2.7.5 and 3.5.4, a small OpenAPI document containing a circular schema reference can cause proce...

7.5CVSS5.8AI score0.00695EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 3:59 p.m.7 views

CVE-2026-58377 JeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret Keys

JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, update, and delete operations on OpenAPI credentials by accessing the OpenApiAuthController and OpenApiPermissionController endpoints which lack Shiro...

8.6CVSS5.8AI score0.00263EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 3:59 p.m.9 views

CVE-2026-58376 Dolibarr - SQL Injection via sqlfilters Parameter in Multiple REST API List Endpoints

Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users to exfiltrate arbitrary database contents by supplying malicious values to the sqlfilters query parameter in the setup dictionary and multicurrencies REST API endpoints. Th...

7.6CVSS6AI score0.00221EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 3:58 p.m.5 views

CVE-2026-58375 JimuReport 2.5.0 - Unauthenticated Report Export via /jmreport/auto/export

JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @JimuNoLoginRequired, so JimuReportTokenInterceptor skips all authentication and authorization, and the export service streams the rendered report for any supplied report id...

8.7CVSS5.9AI score0.00458EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 3:58 p.m.7 views

CVE-2026-58373 CVAT < 2.69.0 - Missing Authorization on Quality Reports parent_id Filter Leaks Cross-Organization Report Existence

CVAT before 2.69.0 contains an improper authorization vulnerability in QualityReportViewSet.getqueryset that allows authenticated attackers to enumerate quality report identifiers belonging to other organizations by exploiting a missing checkobjectpermissions call on the parentid query parameter ...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 3:57 p.m.7 views

CVE-2026-58372 SeaweedFS < 4.34 - Cross-Bucket Object Deletion via DeleteObjects Request-Body Keys

SeaweedFS before 4.34 contains a path traversal vulnerability in the S3 gateway DeleteMultipleObjectsHandler that allows authenticated S3 principals with write access to a single bucket to delete arbitrary objects in other tenants' buckets by supplying object keys containing ../ sequences in the...

8.1CVSS5.9AI score0.00766EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/30 3:57 p.m.5 views

CVE-2026-58371 SeaweedFS < 4.30 - Cross-Origin Information Disclosure via Unvalidated JSONP callback Parameter

SeaweedFS before 4.30 reflects the callback query parameter verbatim into responses served with Content-Type application/javascript in the shared writeJson helper weed/server/common.go, with no callback-name validation, no X-Content-Type-Options: nosniff header, and no CORS allow-list. Every JSON...

3.1CVSS5.7AI score0.0021EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/30 3:57 p.m.8 views

CVE-2026-58370 Woodpecker < 3.15.0 - GitLab Approval Gate Bypass via Spoofable Commit Author Name

Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, pipeline.Author is populated from the git commit author name commit.author.name carried in the webhook payload, which is attacker-controlled and not verified by GitLab. A us...

9.2CVSS6AI score0.00546EPSS
Exploits0References4
Total number of security vulnerabilities161427