Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities
ChurchCRM: Cross-Site Request Forgery (CSRF) Leading to Admin Privilege Escalation
Fides: Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection
RCE in Code Runner MCP Server
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5
WWBN AVideo: Unauthenticated User Enumeration in `objects/users.json.php` via `isCompany` Parameter Flips `$ignoreAdmin = true` and Defeats Admin-O...
FireFighter: Unauthenticated SSRF in Raid jira_bot endpoint allows IAM credential theft
Network-AI: Missing authentication on MCP HTTP endpoint allows unauthenticated privileged tool calls
In JetBrains TeamCity before 2026
pyload-ng: non-admin SETTINGS users can disable outbound TLS peer verification
WordPress Download From Files 1.48 Arbitrary File Upload
OpenCATS 0.9.4 Remote Code Execution via Resume Upload
WordPress MStore API 2.0.6 Arbitrary File Upload
phpvms: /importer authorization bypass causing full database wipe
UGREEN CM933 Administrative missing authentication
FastGPT: Unauthenticated Remote Code Execution (RCE) via code-server Misconfiguration in agent-sandbox
Scoold: Persistent Admin Takeover by Overwriting the admins Configuration Setting via Forged JWT (missing `jti` validation)
PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution
Authentication bypass vulnerability in GitHub Enterprise Server allowed creation of local user accounts bypassing the configured external identity ...
Open MQTT orchestration without read/write ACLs in Yarbo robot firmware
Showing 1 - 20 of 1,000+ results