|
701
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token exchange. The GetTokenExchangeToken function in object/token_oauth.go validates JWT signatures but does …
Update
|
-
|
CVE-2026-9094
|
2026-06-3 02:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
9.8 |
CRITICAL
Network
|
-
|
-
|
In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML assertions. The buildSp function in object/saml_sp.go never…
Update
|
-
|
CVE-2026-9093
|
2026-06-3 02:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
5.9 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting …
Update
|
CWE-362
Race Condition
|
CVE-2026-5516
|
2026-06-3 02:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
5.5 |
MEDIUM
Local
|
ibm
|
app_connect_enterprise
|
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user.
Update
|
CWE-922
CWE-532
Insecure Storage of Sensitive Information
Inclusion of Sensitive Information in Log Files
|
CVE-2026-5515
|
2026-06-3 02:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
3.7 |
LOW
Network
|
-
|
-
|
A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive informat…
New
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2026-5419
|
2026-06-3 02:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
4.2 |
MEDIUM
Network
|
pyjwt_project
|
pyjwt
|
PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib's default OpenerDirector registe…
Update
|
CWE-441
CWE-918
Confused Deputy
Server-Side Request Forgery (SSRF)
|
CVE-2026-48522
|
2026-06-3 02:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
8.5 |
HIGH
Network
|
oracle
|
financials_common_modules
|
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
Update
|
NVD-CWE-noinfo
CWE-284
Improper Access Control
|
CVE-2026-46820
|
2026-06-3 02:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
4.3 |
MEDIUM
Network
|
apache
|
airflow
|
The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the colle…
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-46764
|
2026-06-3 02:16 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
8.8 |
HIGH
Network
|
-
|
-
|
Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fie…
Update
|
CWE-290
CWE-639
CWE-862
Authentication Bypass by Spoofing
Authorization Bypass Through User-Controlled Key
Missing Authorization
|
CVE-2026-46414
|
2026-06-3 02:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. As a result, any authenticated user can create, up…
Update
|
CWE-78
CWE-269
CWE-862
OS Command
Improper Privilege Management
Missing Authorization
|
CVE-2026-45632
|
2026-06-3 02:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
