|
2991
|
6.5 |
MEDIUM
Network
|
lfprojects
|
mlflow
|
MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `mlfl…
|
CWE-284
Improper Access Control
|
CVE-2026-3198
|
2026-06-4 02:07 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2992
|
4.3 |
MEDIUM
Network
|
elabftw
|
elabftw
|
eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the …
|
CWE-200
Information Exposure
|
CVE-2026-28511
|
2026-06-4 02:06 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2993
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the files_lock app did not properly validate the ow…
|
CWE-287
Improper Authentication
|
CVE-2026-45283
|
2026-06-4 02:02 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2994
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no addition…
|
CWE-20
Improper Input Validation
|
CVE-2026-0085
|
2026-06-4 02:02 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2995
|
8.0 |
HIGH
Adjacent
|
google
|
android
|
In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalati…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0095
|
2026-06-4 02:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2996
|
7.8 |
HIGH
Local
|
google
|
android
|
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalat…
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-0094
|
2026-06-4 02:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2997
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n…
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-0093
|
2026-06-4 02:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2998
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execut…
|
CWE-269
Improper Privilege Management
|
CVE-2026-0091
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2999
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no a…
|
CWE-269
Improper Privilege Management
|
CVE-2026-0089
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3000
|
7.8 |
HIGH
Local
|
google
|
android
|
In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with …
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-0088
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
