Found 1,044 results in 98ms · Match type: Filtered list

CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-10112 low 2.4 2.4 7d ago A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site s…
CVE-2026-48840 medium 5.3 5.3 FIX debian debian exim 7d ago Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
CVE-2026-47416 unknown 7d ago praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH /workspaces/{id}/members/{user_id}
CVE-2026-47409 unknown 7d ago praisonai-platform: Missing authorization on member removal enables full workspace takeover by any user regardless of role
CVE-2026-47414 unknown 7d ago praisonai-platform: Label endpoints' unchecked label_id/issue_id enable cross-workspace label IDOR (edit, delete, link)
CVE-2026-47406 unknown 7d ago praisonai-platform: IDOR in dependency endpoints allows cross-workspace issue linking, reading, and deletion due to missing ownership checks
CVE-2026-47410 unknown 7d ago praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset
CVE-2026-47405 unknown 7d ago PraisonAI Platform: Missing role checks let any workspace member become owner and control workspace membership
CVE-2026-47399 unknown 7d ago PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID
CVE-2026-47407 unknown 7d ago PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
CVE-2026-47408 unknown 7d ago praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership
CVE-2026-48169 unknown 7d ago PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
CVE-2026-47397 unknown 7d ago PraisonAI has an Arbitrary File Write in Python API
CVE-2026-47391 unknown 7d ago PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
CVE-2026-47394 unknown 7d ago PraisonAI vulnerable to unauthenticated arbitrary file read via MCP workflow.show, workflow.validate, deploy.validate
CVE-2026-47392 unknown 7d ago PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)
CVE-2026-47395 unknown 7d ago PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context
CVE-2026-47393 unknown 7d ago PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default
CVE-2026-47396 unknown 7d ago PraisonAI call server exposes unauthenticated agent listing, invocation, and deletion when CALL_SERVER_TOKEN is unset
CVE-2026-47390 unknown 7d ago PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings
CVE-2026-47398 unknown 7d ago PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `agents_generator.py` - sibling of CVE-2026-44334
CVE-2026-9831 medium 6.3 6.3 7d ago A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with…
CVE-2026-47268 unknown 7d ago Nezha's authenticated DDNS webhook configuration allows blind SSRF from the dashboard host
CVE-2026-47233 unknown 7d ago Admidio: Any logged-in user can delete inventory fields via `mode=field_delete` — incomplete fix of #2024
CVE-2026-47234 unknown 7d ago Admidio writes session IDs and auto-login cookie values to application logs
CVE-2026-47232 unknown 7d ago Admidio PKCS#12 private key export action lacks CSRF protection
CVE-2026-47231 unknown 7d ago Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders
CVE-2026-47230 unknown 7d ago Admidio: IDOR in documents-files.php allows cross-folder file rename and description changes by unauthorized uploaders
CVE-2026-47229 unknown 7d ago Admidio: CSRF in SSO client `enable` action toggles SAML/OIDC clients without token validation
CVE-2026-47228 unknown 7d ago Admidio's CSRF in registration `send_login` mode resets arbitrary user passwords
CVE-2026-47227 unknown 7d ago Admidio module-administrator can delete or reorder categories owned by other modules via dead authorization check in `modules/categories.php`
CVE-2026-47226 unknown 7d ago Admidio: Authorization bypass in file_delete enables cross-folder file removal by authenticated users without delete privileges
CVE-2026-47213 unknown 7d ago BoxLite has a Timeout Bypass Vulnerability
CVE-2026-47211 unknown 7d ago ouroboros-ai Vulnerable to Remote Code Execution via Untrusted Project-Directory .env
CVE-2026-47203 unknown 7d ago Authelia Missing Username Canonicalization in Basic Auth (LDAP)
CVE-2026-47695 unknown 7d ago CC-Tweaked has an SSRF Protection Bypass with NAT64
CVE-2026-47184 unknown 7d ago zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion via multicast flood
CVE-2026-48811 medium 4.3 4.3 7d ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note (private thread) from any…
CVE-2026-48810 medium 4.3 4.3 7d ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox m…
CVE-2026-45294 medium 5.3 5.3 7d ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted…
CVE-2026-45151 unknown 7d ago NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code fi…
CVE-2026-44640 medium 4.5 4.5 7d ago NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, but read as ex_quic_conn* during dialer close. This …
CVE-2026-44287 medium 6.3 6.3 7d ago FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import() with the regex /\bimport\s*\(/.t…
CVE-2026-47183 unknown 7d ago zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion