Search Vulnerabilities

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path

Jan 15, 2026

CVE-2026-22252

CRITICAL

LibreChat MCP Stdio Remote Command Execution

Jan 12, 2026

CVE-2025-67603

Lack of client authorization allows arbitrary users to influence the firewall configuration

CVE-2026-22042

RustFS has IAM Incorrect Authorization in ImportIam that Allows Privilege Escalation

CVE-2025-12958

Rankology SEO and Analytics Tool <= 2.0 - Incorrect Authorization to Authenticated (Editor+) Header & Footer Code Creation

Jan 7, 2026

CVE-2025-9294

Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion

Jan 6, 2026

CVE-2025-61781

HIGH

GraphQL IDOR allows authenticated user to delete workspace content of other users

Jan 5, 2026

CVE-2026-0574

yeqifu warehouse Request UserController.java saveUserRole improper authorization

Jan 4, 2026

CVE-2025-15213

code-projects Student File Management System File Download download.php improper authorization

Dec 30, 2025

CVE-2025-15126

JeecgBoot getPositionUserList improper authorization

CVE-2025-15125

JeecgBoot queryDepartPermission improper authorization

CVE-2025-15124

JeecgBoot list getParameterMap improper authorization

CVE-2025-15123

JeecgBoot datarule improper authorization

CVE-2025-15122

JeecgBoot datarule loadDatarule improper authorization

CVE-2025-15120

JeecgBoot getDeptRoleList improper authorization

CVE-2025-15119

JeecgBoot list queryPageList improper authorization

CVE-2025-15118

macrozheng mall Member Endpoint update improper authorization

CVE-2025-15106

getmaxun Authentication Endpoint auth.ts router.get improper authorization

Dec 27, 2025

CVE-2025-15087

youlaitech youlai-mall OrderController.java submitOrderPayment improper authorization

CVE-2025-15085

youlaitech youlai-mall Balance MemberController.java deductBalance improper authorization

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-22641

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path

Jan 15, 2026

CVE-2026-22252

CRITICAL

LibreChat MCP Stdio Remote Command Execution

Jan 12, 2026

CVE-2025-67603

Lack of client authorization allows arbitrary users to influence the firewall configuration

CVE-2026-22042

RustFS has IAM Incorrect Authorization in ImportIam that Allows Privilege Escalation

CVE-2025-12958

Rankology SEO and Analytics Tool <= 2.0 - Incorrect Authorization to Authenticated (Editor+) Header & Footer Code Creation

Jan 7, 2026

CVE-2025-9294

Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion

Jan 6, 2026

CVE-2025-61781

HIGH

GraphQL IDOR allows authenticated user to delete workspace content of other users

Jan 5, 2026

CVE-2026-0574

yeqifu warehouse Request UserController.java saveUserRole improper authorization

Jan 4, 2026

CVE-2025-15213

code-projects Student File Management System File Download download.php improper authorization

Dec 30, 2025

CVE-2025-15126

JeecgBoot getPositionUserList improper authorization

CVE-2025-15125

JeecgBoot queryDepartPermission improper authorization

CVE-2025-15124

JeecgBoot list getParameterMap improper authorization

CVE-2025-15123

JeecgBoot datarule improper authorization

CVE-2025-15122

JeecgBoot datarule loadDatarule improper authorization

CVE-2025-15120

JeecgBoot getDeptRoleList improper authorization

CVE-2025-15119

JeecgBoot list queryPageList improper authorization

CVE-2025-15118

macrozheng mall Member Endpoint update improper authorization

CVE-2025-15106

getmaxun Authentication Endpoint auth.ts router.get improper authorization

Dec 27, 2025

CVE-2025-15087

youlaitech youlai-mall OrderController.java submitOrderPayment improper authorization

CVE-2025-15085

youlaitech youlai-mall Balance MemberController.java deductBalance improper authorization