|
591
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Devise is an authentication solution for Rails based on Warden. In versions 5.0.3 and below, when the Timeoutable module is enabled in Devise, the FailureApp#redirect_url method returns request.refer…
|
CWE-601
Open Redirect
|
CVE-2026-40295
|
2026-05-23 05:16 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
592
|
- |
|
-
|
-
|
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated strin…
|
-
|
CVE-2026-39824
|
2026-05-23 05:16 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
593
|
8.8 |
HIGH
Network
|
litellm
|
litellm
|
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restri…
|
CWE-863
Incorrect Authorization
|
CVE-2026-47102
|
2026-05-23 04:39 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
594
|
8.8 |
HIGH
Network
|
litellm
|
litellm
|
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored with…
|
CWE-863
Incorrect Authorization
|
CVE-2026-47101
|
2026-05-23 04:39 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
595
|
9.8 |
CRITICAL
Network
|
drupal
|
drupal
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection.
This issue affects Drupal core: from 8.9.0 before 10.4.…
|
CWE-89
SQL Injection
|
CVE-2026-9082
|
2026-05-23 04:38 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
596
|
7.5 |
HIGH
Network
|
apache
|
cxf
|
The fix for CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE was not complete, meaning that another path in the code might lead to code execution capabilities, if untrusted use…
|
CWE-20
Improper Input Validation
|
CVE-2026-44417
|
2026-05-23 04:29 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
597
|
5.4 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to g…
|
CWE-863
Incorrect Authorization
|
CVE-2026-28735
|
2026-05-23 04:28 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
598
|
6.4 |
MEDIUM
Network
|
concretecms
|
concrete_cms
|
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 (suspended, banned, terminated employee) can still authenticate via OAuth and r…
|
CWE-1287
Improper Validation of Specified Type of Input
|
CVE-2026-7887
|
2026-05-23 04:21 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
599
|
- |
|
-
|
-
|
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the c…
|
CWE-200
CWE-863
Information Exposure
Incorrect Authorization
|
CVE-2026-40166
|
2026-05-23 04:19 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
600
|
8.1 |
HIGH
Network
|
-
|
-
|
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/{pk}/ API allows a caller with change_user on a target us…
|
CWE-269
Improper Privilege Management
|
CVE-2026-40172
|
2026-05-23 04:19 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
