Export limit exceeded: 355881 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3382 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39848 | 1 10ij | 1 Dockyard | 2026-04-13 | 6.5 Medium |
| Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A remote attacker can cause a logged-in administrator's browser to request /apps/action.php?action=stop&name=<container> or /apps/action.php?action=start&name=<container>, which starts or stops the target container. This vulnerability is fixed in 1.1.0. | ||||
| CVE-2026-33788 | 1 Juniper Networks | 1 Junos Os Evolved | 2026-04-13 | 7.8 High |
| A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component. This issue affects Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO. | ||||
| CVE-2026-5777 | 1 Egate | 1 Atom 3x Projector | 2026-04-13 | N/A |
| This vulnerability exists in the Atom 3x Projector due to improper exposure of the Android Debug Bridge (ADB) service over the local network without authentication or access controls. An unauthenticated attacker on the same network can exploit this vulnerability to obtain root-level access, leading to complete compromise of the targeted device. | ||||
| CVE-2026-4810 | 1 Google Cloud | 1 Agent Development Kit (adk) | 2026-04-13 | N/A |
| A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) versions 1.7.0 (and 2.0.0a1) through 1.28.1 (and 2.0.0a2) on Python (OSS), Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This vulnerability was patched in versions 1.28.1 and 2.0.0a2. Customers need to redeploy the upgraded ADK to their production environments. In addition, if they are running ADK Web locally, they also need to upgrade their local instance. | ||||
| CVE-2026-32211 | 1 Microsoft | 1 Azure Web Apps | 2026-04-10 | 9.1 Critical |
| Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-32295 | 1 Jetkvm | 2 Jetkvm, Kvm | 2026-04-10 | 7.5 High |
| JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials. | ||||
| CVE-2026-34952 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-04-10 | 9.1 Critical |
| PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97. | ||||
| CVE-2019-25686 | 1 Coreftp | 1 Core Ftp | 2026-04-09 | 7.5 High |
| Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending a malformed command with an oversized buffer. Attackers can send a PBSZ command with a payload exceeding 211 bytes to trigger an access violation and crash the FTP server process. | ||||
| CVE-2026-33419 | 1 Minio | 1 Minio | 2026-04-09 | 7.5 High |
| MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: (1) distinguishable error responses that enable username enumeration, and (2) absence of rate limiting on authentication attempts. An unauthenticated network attacker can enumerate valid LDAP usernames and then perform unlimited password guessing to obtain temporary AWS-style STS credentials, gaining access to the victim's S3 buckets and objects. This issue has been patched in RELEASE.2026-03-17T21-25-16Z. | ||||
| CVE-2018-25225 | 2 Sipp, Sipp Project | 2 Sipp, Sipp | 2026-04-09 | 8.4 High |
| SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets. | ||||
| CVE-2026-33496 | 1 Ory | 1 Oathkeeper | 2026-04-08 | 8.1 High |
| ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to authentication bypass due to cache key confusion. The `oauth2_introspection` authenticator cache does not distinguish tokens that were validated with different introspection URLs. An attacker can therefore legitimately use a token to prime the cache, and subsequently use the same token for rules that use a different introspection server. Ory Oathkeeper has to be configured with multiple `oauth2_introspection` authenticator servers, each accepting different tokens. The authenticators also must be configured to use caching. An attacker has to have a way to gain a valid token for one of the configured introspection servers. Starting in version 26.2.0, Ory Oathkeeper includes the introspection server URL in the cache key, preventing confusion of tokens. Update to the patched version of Ory Oathkeeper. If that is not immediately possible, disable caching for `oauth2_introspection` authenticators. | ||||
| CVE-2026-33879 | 2 Aicentre, Londonaicentre | 2 Federated Learning And Interoperability Platform, Flip | 2026-04-08 | 9.8 Critical |
| Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and credential-stuffing attacks. FLIP users are external to the organization, increasing credential reuse risk. As of time of publication, it is unclear if a patch is available. | ||||
| CVE-2026-34200 | 1 Nhost | 2 Cli, Nhost | 2026-04-08 | 7.5 High |
| Nhost is an open source Firebase alternative with GraphQL. Prior to version 1.41.0, The Nhost CLI MCP server, when explicitly configured to listen on a network port, applies no inbound authentication and does not enforce strict CORS. This allows a malicious website visited on the same machine to issue cross-origin requests to the MCP server and invoke privileged tools using the developer's locally configured credentials. This vulnerability requires two explicit, non-default configuration steps to be exploitable. The default nhost mcp start configuration is not affected. This issue has been patched in version 1.41.0. | ||||
| CVE-2026-1579 | 1 Px4 | 2 Autopilot, Px4-autopilot | 2026-04-08 | 9.8 Critical |
| The MAVLink communication protocol does not require cryptographic authentication by default. When MAVLink 2.0 message signing is not enabled, any message -- including SERIAL_CONTROL, which provides interactive shell access -- can be sent by an unauthenticated party with access to the MAVLink interface. PX4 provides MAVLink 2.0 message signing as the cryptographic authentication mechanism for all MAVLink communication. When signing is enabled, unsigned messages are rejected at the protocol level. | ||||
| CVE-2026-34999 | 1 Volcengine | 1 Openviking | 2026-04-08 | 5.3 Medium |
| OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials. | ||||
| CVE-2026-26027 | 1 Glpi-project | 1 Glpi | 2026-04-08 | 7.5 High |
| GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, an unauthenticated user can store an XSS payload through the inventory endpoint. This vulnerability is fixed in 11.0.6. | ||||
| CVE-2023-4939 | 1 Salesmanago | 1 Salesmanago | 2026-04-08 | 5.3 Medium |
| The SALESmanago plugin for WordPress is vulnerable to Log Injection in versions up to, and including, 3.2.4. This is due to the use of a weak authentication token for the /wp-json/salesmanago/v1/callbackApiV3 API endpoint which is simply a SHA1 hash of the site URL and client ID found in the page source of the website. This makes it possible for unauthenticated attackers to inject arbitrary content into the log files, and when combined with another vulnerability this could have significant consequences. | ||||
| CVE-2023-2834 | 1 Stylemixthemes | 1 Bookit | 2026-04-08 | 9.8 Critical |
| The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | ||||
| CVE-2023-2781 | 1 Wisetr | 1 User Email Verification For Woocommerce | 2026-04-08 | 8.1 High |
| The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resend_verification_email function. This allows unauthenticated attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Allow Automatic Login After Successful Verification setting to be enabled, which it is not by default. | ||||
| CVE-2020-36724 | 1 Wordable | 1 Wordable | 2026-04-08 | 9.8 Critical |
| The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker to trick the function into thinking it has a valid hash. This makes it possible for unauthenticated attackers to gain administrator privileges. | ||||