Export limit exceeded: 10566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10566 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23688 | 2 Sap, Sap Se | 2 S4core, Sap Fiori App (manage Service Entry Sheets - Lean Services) | 2026-04-17 | 4.3 Medium |
| SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted. | ||||
| CVE-2026-24312 | 1 Sap | 2 Business Workflow, Sap Basis | 2026-04-17 | 5.2 Medium |
| An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application. | ||||
| CVE-2026-24322 | 2 Sap, Sap Se | 2 Solution Tools Plug-in, Sap Solution Tools Plug-in (st-pi) | 2026-04-17 | 7.7 High |
| SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability. | ||||
| CVE-2026-24326 | 2 Sap, Sap Se | 2 S\/4hana Defense \& Security, Sap S/4hana Defense & Security (disconnected Operations) | 2026-04-17 | 4.3 Medium |
| Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on confidentiality or availability of the application. | ||||
| CVE-2026-24327 | 2 Sap, Sap Se | 2 Strategic Enterprise Management, Sap Strategic Enterprise Management (balanced Scorecard In Bsp Application) | 2026-04-17 | 4.3 Medium |
| Due to missing authorization check in SAP Strategic Enterprise Management (Balanced Scorecard in Business Server Pages), an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or availability. | ||||
| CVE-2026-21743 | 1 Fortinet | 1 Fortiauthenticator | 2026-04-17 | 6.8 Medium |
| A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotected endpoint. | ||||
| CVE-2026-25609 | 1 Mongodb | 1 Mongodb | 2026-04-17 | 5.4 Medium |
| Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only. | ||||
| CVE-2026-25633 | 1 Statamic | 2 Cms, Statamic | 2026-04-17 | 4.3 Medium |
| Statamic is a, Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able are able to download them and view their metadata. Logged-out users and users without permission to access the control panel are unable to take advantage of this. This has been fixed in 5.73.6 and 6.2.5. | ||||
| CVE-2026-25924 | 1 Kanboard | 1 Kanboard | 2026-04-17 | 8.5 High |
| Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution (RCE). Although the application correctly hides the plugin installation interface when the PLUGIN_INSTALLER configuration is set to false, the underlying backend endpoint fails to verify this security setting. An attacker can exploit this oversight to force the server to download and install a malicious plugin, leading to arbitrary code execution. This vulnerability is fixed in 1.2.50. | ||||
| CVE-2026-26012 | 1 Dani-garcia | 1 Vaultwarden | 2026-04-17 | 6.5 Medium |
| vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to 1.35.3, a regular organization member can retrieve all ciphers within an organization, regardless of collection permissions. The endpoint /ciphers/organization-details is accessible to any organization member and internally uses Cipher::find_by_org to retrieve all ciphers. These ciphers are returned with CipherSyncType::Organization without enforcing collection-level access control. This vulnerability is fixed in 1.35.3. | ||||
| CVE-2026-26031 | 1 Frappe | 2 Frappe Lms, Learning | 2026-04-17 | 5.3 Medium |
| Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.44.0, security issue was identified in Frappe Learning, where unauthorised users were able to access the full list of enrolled students (by email) in batches. This vulnerability is fixed in 2.44.0. | ||||
| CVE-2026-22892 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2026-04-17 | 4.3 Medium |
| Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to validate user permissions when creating Jira issues from Mattermost posts, which allows an authenticated attacker with access to the Jira plugin to read post content and attachments from channels they do not have access to via the /create-issue API endpoint by providing the post ID of an inaccessible post.. Mattermost Advisory ID: MMSA-2025-00550 | ||||
| CVE-2026-26268 | 2 Anysphere, Cursor | 2 Cursor, Cursor | 2026-04-17 | 8.1 High |
| Cursor is a code editor built for programming with AI. Sandbox escape via writing .git configuration was possible in versions prior to 2.5. A malicious agent (ie prompt injection) could write to improperly protected .git settings, including git hooks, which may cause out-of-sandbox RCE next time they are triggered. No user interaction was required as Git executes these commands automatically. Fixed in version 2.5. | ||||
| CVE-2026-35491 | 1 Pi-hole | 1 Ftldns | 2026-04-17 | 6.1 Medium |
| FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, Pi-hole FTL supports a CLI password feature (webserver.api.cli_pw) that creates “CLI” API sessions intended to be read-only for configuration changes. While /api/config correctly blocks CLI sessions from mutating configuration, /api/teleporter allowed Teleporter imports for CLI sessions, enabling a CLI-scoped session to overwrite configuration via a Teleporter archive (authorization bypass). This vulnerability is fixed in 6.6. | ||||
| CVE-2026-26368 | 2 Jung, Jung-group | 2 Enet Smart Home Server, Enet Smart Home | 2026-04-17 | 8.8 High |
| eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the resetUserPassword JSON-RPC method that allows any authenticated low-privileged user (UG_USER) to reset the password of arbitrary accounts, including those in the UG_ADMIN and UG_SUPER_ADMIN groups, without supplying the current password or having sufficient privileges. By sending a crafted JSON-RPC request to /jsonrpc/management, an attacker can overwrite existing credentials, resulting in direct account takeover with full administrative access and persistent privilege escalation. | ||||
| CVE-2026-0929 | 2 Registrationmagic, Wordpress | 2 Registrationmagic, Wordpress | 2026-04-17 | 4.3 Medium |
| The RegistrationMagic WordPress plugin before 6.0.7.2 does not have proper capability checks, allowing subscribers and above to create forms on the site. | ||||
| CVE-2026-0998 | 1 Mattermost | 3 Mattermost, Mattermost Server, Zoom | 2026-04-17 | 4.3 Medium |
| Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to validate user identity and post ownership in the {{/api/v1/askPMI}} endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via direct API calls with manipulated user IDs and post data.. Mattermost Advisory ID: MMSA-2025-00534 | ||||
| CVE-2026-0997 | 1 Mattermost | 3 Mattermost, Mattermost Server, Zoom | 2026-04-17 | 4.3 Medium |
| Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 and Mattermost Plugin Zoom versions <=1.11.0 fail to validate the authenticated user when processing {{/plugins/zoom/api/v1/channel-preference}}, which allows any logged-in user to change Zoom meeting restrictions for arbitrary channels via crafted API requests.. Mattermost Advisory ID: MMSA-2025-00558 | ||||
| CVE-2026-25903 | 1 Apache | 1 Nifi | 2026-04-17 | 6.6 Medium |
| Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to the flow configuration, but framework authorization did not check restricted status when updating a component previously added. The missing authorization requires a more privileged user to add a restricted component to the flow configuration, but permits a less privileged user to make property configuration changes. Apache NiFi installations that do not implement different levels of authorization for Restricted components are not subject to this vulnerability because the framework enforces write permissions as the security boundary. Upgrading to Apache NiFi 2.8.0 is the recommended mitigation. | ||||
| CVE-2026-2658 | 1 Newbee-ltd | 1 Newbee-mall | 2026-04-17 | 4.3 Medium |
| A vulnerability was found in newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee. Affected is an unknown function of the component Multiple Endpoints. Performing a manipulation results in cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet. | ||||