Export limit exceeded: 354383 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11915 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21735 | 1 Zte | 2 Zxhn H168n, Zxhn H168n Firmware | 2026-05-26 | 6.5 Medium |
| A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE. | ||||
| CVE-2026-39969 | 1 Baptistearno | 1 Typebot.io | 2026-05-25 | 6.5 Medium |
| TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint (POST /v1/workspaces/{workspaceId}/whatsapp/{credentialsId}/webhook) does not verify the x-hub-signature-256 HMAC signature included by Meta in every webhook delivery. The webhook URL exposes both workspaceId and credentialsId as path parameters, which are logged in web server access logs, visible in Meta's webhook configuration dashboard, and potentially shared when configuring integrations. This allows any unauthenticated attacker to send spoofed webhook messages to trigger bot flows, consume API resources, and interact with external services using the workspace owner's credentials. The issue has been fixed in version 3.17.0. | ||||
| CVE-2025-32975 | 1 Quest | 1 Kace Systems Management Appliance | 2026-05-24 | 10 Critical |
| Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover. | ||||
| CVE-2026-9352 | 1 Nousresearch | 1 Hermes-agent | 2026-05-24 | 5.3 Medium |
| A weakness has been identified in NousResearch hermes-agent up to 2026.4.23. This issue affects the function _make_run_env of the file tools/environments/local.py of the component Messaging Gateway Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-1603 | 1 Ivanti | 1 Endpoint Manager | 2026-05-23 | 8.6 High |
| An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data. | ||||
| CVE-2025-13118 | 1 Macrozheng | 2 Mall, Mall-swarm | 2026-05-23 | 6.3 Medium |
| A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2022-31231 | 1 Dell | 2 Ecs, Elastic Cloud Storage | 2026-05-23 | 5.9 Medium |
| Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data. | ||||
| CVE-2026-39831 | 1 Golang | 1 Ssh | 2026-05-22 | 9.1 Critical |
| The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a "no-touch-required" extension in Permissions.Extensions from PublicKeyCallback. | ||||
| CVE-2026-39828 | 1 Golang | 1 Ssh | 2026-05-22 | 6.3 Medium |
| When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error. | ||||
| CVE-2026-33117 | 1 Microsoft | 1 Azure Sdk For Java | 2026-05-22 | 9.1 Critical |
| The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Operations delegated to the Key Vault service are not affected. The issue is addressed in version 4.10.6. | ||||
| CVE-2026-42822 | 1 Microsoft | 2 Azure Local, Azure Resource Manager | 2026-05-22 | 10 Critical |
| Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-9223 | 1 Devolutions | 2 Devolutions Server, Server | 2026-05-22 | 4.3 Medium |
| Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user to create new vaults via a crafted import request. | ||||
| CVE-2026-5171 | 1 Devolutions | 2 Devolutions Server, Server | 2026-05-22 | 4.3 Medium |
| Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier | ||||
| CVE-2026-1524 | 1 Neo4j | 2 Enterprise Edition, Neo4j | 2026-05-22 | 9.8 Critical |
| An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised access under the following conditions: If a neo4j admin configures two or more OIDC providers AND configures one or more of them to be an authorization provider AND configures one or more of them to be authentication-only, then those that are authentication-only will also provide authorization. This edgecase becomes a security problem only if the authentication-only provider contains groups which have higher privileges than provided by the intended (configured) authorization provider. When using multiple plugins for authentication and authorisation, prior to the fix the issue could lead to a plugin configured to provide only authentication or authorisation capabilities erroneously providing both capabilities. We recommend upgrading to versions 2026.02 (or 5.26.22) where the issue is fixed. | ||||
| CVE-2026-34908 | 1 Ubiquiti | 31 Efg, Envr, Envr-core and 28 more | 2026-05-22 | 10 Critical |
| A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system. | ||||
| CVE-2023-1803 | 1 Redline | 1 Router Firmware | 2026-05-22 | 9.8 Critical |
| Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass. This issue affects Redline Router: before 7.17. | ||||
| CVE-2023-1833 | 1 Redline | 1 Router Firmware | 2026-05-22 | 9.8 Critical |
| Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass. This issue affects Redline Router: before 7.17. | ||||
| CVE-2023-2959 | 1 Olivaekspertiz | 1 Oliva Ekspertiz | 2026-05-22 | 7.5 High |
| Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users. This issue affects Oliva Expertise EKS: before 1.2. | ||||
| CVE-2026-43617 | 2 Rsync Project, Samba | 2 Rsync, Rsync | 2026-05-21 | 4.8 Medium |
| Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing connections from hostnames that administrators intended to deny when reverse DNS resolution fails and defaults to UNKNOWN. | ||||
| CVE-2026-43403 | 1 Linux | 1 Linux Kernel | 2026-05-21 | 8.8 High |
| In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts. | ||||