Search Results (1529 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3185 | 2 Feiyuchuixue, Szadmin | 2 Sz-boot-parent, Sz-boot-parent | 2026-04-18 | 5.3 Medium |
| A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be used. Upgrading to version 1.3.3-beta is able to address this issue. The patch is identified as aefaabfd7527188bfba3c8c9eee17c316d094802. The affected component should be upgraded. The project was informed beforehand and acted very professional: "We have implemented message ownership verification, so that users can only query messages related to themselves." | ||||
| CVE-2026-21447 | 1 Webkul | 1 Bagisto | 2026-04-18 | 7.1 High |
| Bagisto is an open source laravel eCommerce platform. Prior to version 2.3.10, an Insecure Direct Object Reference vulnerability in the customer order reorder function allows any authenticated customer to add items from another customer's order to their own shopping cart by manipulating the order ID parameter. This exposes sensitive purchase information and enables potential fraud. Version 2.3.10 patches the issue. | ||||
| CVE-2026-1201 | 1 Hubitat | 6 Elevation C3, Elevation C4, Elevation C5 and 3 more | 2026-04-18 | N/A |
| An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation. | ||||
| CVE-2026-25497 | 1 Craftcms | 2 Craft Cms, Craftcms | 2026-04-18 | 8.8 High |
| Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL API that allows an authenticated user with write access to one asset volume to escalate their privileges and modify/transfer assets belonging to any other volume, including restricted or private volumes to which they should not have access. The saveAsset GraphQL mutation validates authorization against the schema-resolved volume but fetches the target asset by ID without verifying that the asset belongs to the authorized volume. This allows unauthorized cross-volume asset modification and transfer. This vulnerability is fixed in 4.17.0-beta.1 and 5.9.0-beta.1. | ||||
| CVE-2026-30823 | 1 Flowiseai | 1 Flowise | 2026-04-18 | N/A |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13. | ||||
| CVE-2026-30825 | 1 Hoppscotch | 1 Hoppscotch | 2026-04-18 | 0 Low |
| hoppscotch is an open source API development ecosystem. Prior to version 2026.2.1, the DELETE /v1/access-tokens/revoke endpoint allows any authenticated user to delete any other user's PAT by providing its ID, with no ownership verification. This issue has been patched in version 2026.2.1. | ||||
| CVE-2026-22235 | 2 Opexus, Opexustech | 2 Ecomplaint, Ecase Ecomplaint | 2026-04-18 | 7.5 High |
| OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files. | ||||
| CVE-2026-23844 | 2 Whisper-money, Whisper.money | 2 Whisper-money, Whisper Money | 2026-04-18 | 4.3 Medium |
| Whisper Money is a personal finance application. Versions prior to 0.1.5 have an insecure direct object reference vulnerability. A user can update/create account balances in other users' bank accounts. Version 0.1.5 fixes the issue. | ||||
| CVE-2026-24379 | 2 Wordpress, Wpjobportal | 2 Wordpress, Wp Job Portal | 2026-04-18 | 9.1 Critical |
| Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Job Portal: from n/a through <= 2.4.3. | ||||
| CVE-2026-20897 | 1 Gitea | 1 Gitea | 2026-04-18 | 9.1 Critical |
| Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories. | ||||
| CVE-2026-20904 | 1 Gitea | 1 Gitea | 2026-04-18 | 6.5 Medium |
| Gitea does not properly validate ownership when toggling OpenID URI visibility. An authenticated user may be able to change the visibility settings of other users' OpenID identities. | ||||
| CVE-2026-1213 | 1 Askbot | 1 Askbot | 2026-04-18 | 4.3 Medium |
| All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users. This issue affects askbot: 0.12.2. | ||||
| CVE-2026-1733 | 2 Crmeb, Zhongbangkeji | 2 Crmeb, Crmeb | 2026-04-18 | 4.3 Medium |
| A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/store_integral/order/detail/:uni. The manipulation of the argument order_id leads to improper authorization. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-25574 | 1 Payloadcms | 1 Payload | 2026-04-18 | 5.4 Medium |
| Payload is a free and open source headless content management system. Prior to 3.74.0, a cross-collection Insecure Direct Object Reference (IDOR) vulnerability exists in the payload-preferences internal collection. In multi-auth collection environments using Postgres or SQLite with default serial/auto-increment IDs, authenticated users from one auth collection can read and delete preferences belonging to users in different auth collections when their numeric IDs collide. This vulnerability has been patched in v3.74.0. | ||||
| CVE-2026-24900 | 1 Markusproject | 1 Markus | 2026-04-18 | 6.5 Medium |
| MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, the courses/<:course_id>/assignments/<:assignment_id>/submissions/html_content endpoint accepted a select_file_id parameter to serve SubmissionFile objects containing a record of files submitted by students. This parameter was not correctly scoped to the requesting user, allowing users to access arbitrary submission file contents by id. This vulnerability is fixed in 2.9.1. | ||||
| CVE-2026-1080 | 1 Gitlab | 1 Gitlab | 2026-04-18 | 4.3 Medium |
| GitLab has remediated an issue in GitLab EE affecting all versions from 16.7 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to access iteration data from private descendant groups by querying the iterations API endpoint. | ||||
| CVE-2026-1619 | 2 Uni-yaz, Universal Software Inc. | 2 Flexcity, Flexcity/kiosk | 2026-04-18 | 8.3 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36. | ||||
| CVE-2026-2697 | 1 Tenable | 1 Security Center | 2026-04-18 | 6.3 Medium |
| An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter. | ||||
| CVE-2026-2698 | 1 Tenable | 1 Security Center | 2026-04-18 | 6.5 Medium |
| An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope. | ||||
| CVE-2026-27943 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-04-18 | 6.5 Medium |
| OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, the eye exam (eye_mag) view loads data by `form_id` (or equivalent) without verifying that the form belongs to the current user’s patient/encounter context. An authenticated user can access or edit any patient’s eye exam by supplying another form ID; in some flows the session’s active patient may also be switched. A fix is available on the `main` branch of the OpenEMR GitHub repository. | ||||