CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
CVE-2026-8743 (GCVE-0-2026-8743)
Vulnerability from cvelistv5 – Published: 2026-05-17 09:00 – Updated: 2026-05-21 07:11 X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/vuln/364330 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/364330/cti | signaturepermissions-required |
| https://vuldb.com/submit/814559 | third-party-advisory |
| https://github.com/open5gs/open5gs/issues/4498 | exploitissue-tracking |
| https://github.com/open5gs/open5gs/pull/4553 | issue-trackingpatch |
| https://github.com/open5gs/open5gs/commit/5746b85… | patch |
| https://github.com/open5gs/open5gs/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8743",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-18T14:20:42.468011Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-18T14:20:52.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*"
],
"modules": [
"AMF/MME"
],
"product": "Open5GS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.7.0"
},
{
"status": "affected",
"version": "2.7.1"
},
{
"status": "affected",
"version": "2.7.2"
},
{
"status": "affected",
"version": "2.7.3"
},
{
"status": "affected",
"version": "2.7.4"
},
{
"status": "affected",
"version": "2.7.5"
},
{
"status": "affected",
"version": "2.7.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Seungjoon Na (Kookmin University ICSR Lab)"
},
{
"lang": "en",
"type": "finder",
"value": "Jinha Kim (Kookmin University ICSR Lab)"
},
{
"lang": "en",
"type": "reporter",
"value": "Seungjoon Na (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "Seungjoon Na (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The patch is named 5746b8576cfceec18ed87eb7d8cf11b1fb4cd8b1. It is suggested to install a patch to address this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T07:11:29.557Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-364330 | Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/364330"
},
{
"name": "VDB-364330 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/364330/cti"
},
{
"name": "Submit #814559 | Open5GS 2.7.6 Incorrect Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/814559"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/open5gs/open5gs/issues/4498"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/open5gs/open5gs/pull/4553"
},
{
"tags": [
"patch"
],
"url": "https://github.com/open5gs/open5gs/commit/5746b8576cfceec18ed87eb7d8cf11b1fb4cd8b1"
},
{
"tags": [
"product"
],
"url": "https://github.com/open5gs/open5gs/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-16T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-21T09:13:10.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8743",
"datePublished": "2026-05-17T09:00:13.637Z",
"dateReserved": "2026-05-16T12:38:24.093Z",
"dateUpdated": "2026-05-21T07:11:29.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8241 (GCVE-0-2026-8241)
Vulnerability from cvelistv5 – Published: 2026-05-10 07:45 – Updated: 2026-05-11 14:52| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362457 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/362457/cti | signaturepermissions-required |
| https://vuldb.com/submit/808270 | third-party-advisory |
| https://hawktrace.com/blog/caniaserp | related |
| https://gist.github.com/0xb1lal/6f3f050f08cff569e… | broken-linkexploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Industrial Application Software IAS | Canias ERP |
Affected:
8.03
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T14:52:07.540014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T14:52:15.252Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"RMI Interface"
],
"product": "Canias ERP",
"vendor": "Industrial Application Software IAS",
"versions": [
{
"status": "affected",
"version": "8.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bilal G\u00fcne\u015f (HawkTrace)"
},
{
"lang": "en",
"type": "reporter",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:09:59.537Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362457 | Industrial Application Software IAS Canias ERP RMI iasGetServerInfoEvent improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/362457"
},
{
"name": "VDB-362457 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362457/cti"
},
{
"name": "Submit #808270 | Industrial Application Software - IAS Canias ERP 8.03-- Exposure of Sensitive Information to an Unauthorized Actor",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/808270"
},
{
"tags": [
"related"
],
"url": "https://hawktrace.com/blog/caniaserp"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://gist.github.com/0xb1lal/6f3f050f08cff569ecbde586e63c6bea"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-11T15:11:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Industrial Application Software IAS Canias ERP RMI iasGetServerInfoEvent improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8241",
"datePublished": "2026-05-10T07:45:09.037Z",
"dateReserved": "2026-05-09T16:33:09.815Z",
"dateUpdated": "2026-05-11T14:52:15.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8233 (GCVE-0-2026-8233)
Vulnerability from cvelistv5 – Published: 2026-05-10 05:30 – Updated: 2026-05-11 17:01| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362450 | vdb-entry |
| https://vuldb.com/vuln/362450/cti | signaturepermissions-required |
| https://vuldb.com/submit/808799 | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8233",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T17:01:14.838900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T17:01:19.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://vuldb.com/submit/808799"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"UPF"
],
"product": "XproUPF",
"vendor": "Dotouch",
"versions": [
{
"status": "affected",
"version": "2.0.0-release-088aa7c4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LinZiyu (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "ZiyuLin (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was contacted early about this disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:A/AC:H/Au:S/C:P/I:P/A:P/E:ND/RL:ND/RC:ND",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-10T05:30:13.586Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362450 | Dotouch XproUPF access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/362450"
},
{
"name": "VDB-362450 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362450/cti"
},
{
"name": "Submit #808799 | Dotouch XproUPF v2.0.0-release-088aa7c4 imp",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/808799"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-09T17:17:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "Dotouch XproUPF access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8233",
"datePublished": "2026-05-10T05:30:13.586Z",
"dateReserved": "2026-05-09T09:29:36.661Z",
"dateUpdated": "2026-05-11T17:01:19.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8148 (GCVE-0-2026-8148)
Vulnerability from cvelistv5 – Published: 2026-05-08 04:36 – Updated: 2026-05-08 17:59- CWE-266 - Incorrect Privilege Assignment
| URL | Tags |
|---|---|
| https://cve.naver.com/detail/cve-2026-8148.html | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| NAVER | NAVER MYBOX Explorer |
Unaffected:
3.0.11.160
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-8148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T17:59:38.206791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T17:59:41.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "NAVER MYBOX Explorer",
"vendor": "NAVER",
"versions": [
{
"status": "unaffected",
"version": "3.0.11.160"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "oriotie"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\\SYSTEM via registry manipulation due to improper privilege checks."
}
],
"value": "NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\\SYSTEM via registry manipulation due to improper privilege checks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T04:36:12.538Z",
"orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
"shortName": "naver"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://cve.naver.com/detail/cve-2026-8148.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
"assignerShortName": "naver",
"cveId": "CVE-2026-8148",
"datePublished": "2026-05-08T04:36:12.538Z",
"dateReserved": "2026-05-08T04:24:32.155Z",
"dateUpdated": "2026-05-08T17:59:41.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8127 (GCVE-0-2026-8127)
Vulnerability from cvelistv5 – Published: 2026-05-08 02:00 – Updated: 2026-05-08 14:11| URL | Tags |
|---|---|
| https://vuldb.com/vuln/361917 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/361917/cti | signaturepermissions-required |
| https://vuldb.com/submit/808771 | third-party-advisory |
| https://github.com/elunez/eladmin/issues/897 | exploitissue-tracking |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8127",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T14:11:46.093007Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T14:11:52.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:eladmin:eladmin:*:*:*:*:*:*:*:*"
],
"modules": [
"Users API Endpoint"
],
"product": "eladmin",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.3"
},
{
"status": "affected",
"version": "2.4"
},
{
"status": "affected",
"version": "2.5"
},
{
"status": "affected",
"version": "2.6"
},
{
"status": "affected",
"version": "2.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AliceS614 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in eladmin up to 2.7. Impacted is the function checkLevel of the file /rest/UserController.java of the component Users API Endpoint. Such manipulation leads to improper access controls. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T02:00:14.462Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-361917 | eladmin Users API Endpoint UserController.java checkLevel access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/361917"
},
{
"name": "VDB-361917 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/361917/cti"
},
{
"name": "Submit #808771 | eladmin 2.7 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/808771"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/elunez/eladmin/issues/897"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-07T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-07T19:27:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "eladmin Users API Endpoint UserController.java checkLevel access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8127",
"datePublished": "2026-05-08T02:00:14.462Z",
"dateReserved": "2026-05-07T17:22:53.696Z",
"dateUpdated": "2026-05-08T14:11:52.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7713 (GCVE-0-2026-7713)
Vulnerability from cvelistv5 – Published: 2026-05-04 00:00 – Updated: 2026-05-05 19:00 X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360889 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/360889/cti | signaturepermissions-required |
| https://vuldb.com/submit/806403 | third-party-advisory |
| https://github.com/crocodilestick/Calibre-Web-Aut… | issue-tracking |
| https://github.com/new-usemame/Calibre-Web-NextGe… | issue-trackingpatch |
| https://gist.github.com/menelausx/ef98aa78ed2869c… | exploit |
| https://github.com/new-usemame/Calibre-Web-NextGe… | patch |
| https://github.com/new-usemame/Calibre-Web-NextGe… | patch |
| https://github.com/crocodilestick/Calibre-Web-Aut… | product |
| Vendor | Product | Version | |
|---|---|---|---|
| crocodilestick | Calibre-Web-Automated |
Affected:
4.0.0
Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.5 Affected: 4.0.6 Unaffected: 4.0.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7713",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-05T18:59:56.662709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T19:00:28.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Kobo auth-token Route"
],
"product": "Calibre-Web-Automated",
"vendor": "crocodilestick",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "unaffected",
"version": "4.0.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "JasperX (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.0.7 addresses this issue. The patch is identified as 9f50bb2c16160564c9f8777dc2ceed3eb95e4807. The affected component should be upgraded."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T00:00:32.992Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360889 | crocodilestick Calibre-Web-Automated Kobo auth-token Route kobo_auth.py generate_auth_token improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360889"
},
{
"name": "VDB-360889 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360889/cti"
},
{
"name": "Submit #806403 | crocodilestick Calibre-Web-Automated v1.0.0-v4.0.6 IDOR in auth-token generation leading to account takeover",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/806403"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/crocodilestick/Calibre-Web-Automated/issues/1303"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/new-usemame/Calibre-Web-NextGen/pull/18"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/menelausx/ef98aa78ed2869ccaa316ff45ed1a440"
},
{
"tags": [
"patch"
],
"url": "https://github.com/new-usemame/Calibre-Web-NextGen/commit/9f50bb2c16160564c9f8777dc2ceed3eb95e4807"
},
{
"tags": [
"patch"
],
"url": "https://github.com/new-usemame/Calibre-Web-NextGen/releases/tag/v4.0.7"
},
{
"tags": [
"product"
],
"url": "https://github.com/crocodilestick/Calibre-Web-Automated/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-03T10:04:54.000Z",
"value": "VulDB entry last update"
}
],
"title": "crocodilestick Calibre-Web-Automated Kobo auth-token Route kobo_auth.py generate_auth_token improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7713",
"datePublished": "2026-05-04T00:00:32.992Z",
"dateReserved": "2026-05-03T07:59:45.943Z",
"dateUpdated": "2026-05-05T19:00:28.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7709 (GCVE-0-2026-7709)
Vulnerability from cvelistv5 – Published: 2026-05-03 23:00 – Updated: 2026-05-04 17:50| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360885 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/360885/cti | signaturepermissions-required |
| https://vuldb.com/submit/805823 | third-party-advisory |
| https://drive.google.com/drive/folders/1rosrcfxcH… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| janeczku | Calibre-Web |
Affected:
0.6.0
Affected: 0.6.1 Affected: 0.6.2 Affected: 0.6.3 Affected: 0.6.4 Affected: 0.6.5 Affected: 0.6.6 Affected: 0.6.7 Affected: 0.6.8 Affected: 0.6.9 Affected: 0.6.10 Affected: 0.6.11 Affected: 0.6.12 Affected: 0.6.13 Affected: 0.6.14 Affected: 0.6.15 Affected: 0.6.16 Affected: 0.6.17 Affected: 0.6.18 Affected: 0.6.19 Affected: 0.6.20 Affected: 0.6.21 Affected: 0.6.22 Affected: 0.6.23 Affected: 0.6.24 Affected: 0.6.25 Affected: 0.6.26 cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7709",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T16:26:17.793879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T17:50:31.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*"
],
"modules": [
"Endpoint"
],
"product": "Calibre-Web",
"vendor": "janeczku",
"versions": [
{
"status": "affected",
"version": "0.6.0"
},
{
"status": "affected",
"version": "0.6.1"
},
{
"status": "affected",
"version": "0.6.2"
},
{
"status": "affected",
"version": "0.6.3"
},
{
"status": "affected",
"version": "0.6.4"
},
{
"status": "affected",
"version": "0.6.5"
},
{
"status": "affected",
"version": "0.6.6"
},
{
"status": "affected",
"version": "0.6.7"
},
{
"status": "affected",
"version": "0.6.8"
},
{
"status": "affected",
"version": "0.6.9"
},
{
"status": "affected",
"version": "0.6.10"
},
{
"status": "affected",
"version": "0.6.11"
},
{
"status": "affected",
"version": "0.6.12"
},
{
"status": "affected",
"version": "0.6.13"
},
{
"status": "affected",
"version": "0.6.14"
},
{
"status": "affected",
"version": "0.6.15"
},
{
"status": "affected",
"version": "0.6.16"
},
{
"status": "affected",
"version": "0.6.17"
},
{
"status": "affected",
"version": "0.6.18"
},
{
"status": "affected",
"version": "0.6.19"
},
{
"status": "affected",
"version": "0.6.20"
},
{
"status": "affected",
"version": "0.6.21"
},
{
"status": "affected",
"version": "0.6.22"
},
{
"status": "affected",
"version": "0.6.23"
},
{
"status": "affected",
"version": "0.6.24"
},
{
"status": "affected",
"version": "0.6.25"
},
{
"status": "affected",
"version": "0.6.26"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "JasperX (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generate_auth_token of the file cps/kobo_auth.py of the component Endpoint. Such manipulation of the argument user_id leads to improper authorization. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-03T23:00:16.240Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360885 | janeczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360885"
},
{
"name": "VDB-360885 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360885/cti"
},
{
"name": "Submit #805823 | Janeczku Calibre-web V0.6.7-V0.6.26 IDOR in auth-token generation leading to account takeover / user",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/805823"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/drive/folders/1rosrcfxcHrQM7_GOiBwzY_GnCfXoFuVR?usp=drive_link"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-03T09:58:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "janeczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7709",
"datePublished": "2026-05-03T23:00:16.240Z",
"dateReserved": "2026-05-03T07:35:23.631Z",
"dateUpdated": "2026-05-04T17:50:31.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7686 (GCVE-0-2026-7686)
Vulnerability from cvelistv5 – Published: 2026-05-03 07:30 – Updated: 2026-05-04 15:02| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360856 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/360856/cti | signaturepermissions-required |
| https://vuldb.com/submit/793551 | third-party-advisory |
| https://github.com/xryj920/CVE/blob/main/adblock_… | exploit |
| https://adblockplus.org/en/download | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| eyeo | Adblock Plus |
Affected:
4.36.0
Affected: 4.36.1 Affected: 4.36.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7686",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T15:02:15.880067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T15:02:41.096Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Legacy Premium Activation"
],
"product": "Adblock Plus",
"vendor": "eyeo",
"versions": [
{
"status": "affected",
"version": "4.36.0"
},
{
"status": "affected",
"version": "4.36.1"
},
{
"status": "affected",
"version": "4.36.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "DRXYJ (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Upgrading the affected component is recommended. The vendor provides additional details: \"The affected code path is a legacy Premium activation flow that has been deprecated. eyeo has already migrated to a new user account-based licensing system. The exploit does not grant permanent Premium access. The licensing server issues a short-lived trial license (valid for approximately 24 hours) for any submitted userId. On the next license check, the server validates against a real subscription and the trial expires if no valid subscription is found. The researcher\u0027s claim of permanently unlocking all Premium features is therefore incorrect. (...) The old flow has been present for years and has not been weaponized at scale to our knowledge. The risk to eyeo and to users is minimal.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-03T07:30:12.937Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360856 | eyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360856"
},
{
"name": "VDB-360856 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360856/cti"
},
{
"name": "Submit #793551 | Eyeo GmbH Adblock Plus 4.36.2 Privilege Escalation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/793551"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xryj920/CVE/blob/main/adblock_plus_CVE_report.md"
},
{
"tags": [
"patch"
],
"url": "https://adblockplus.org/en/download"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-02T18:08:37.000Z",
"value": "VulDB entry last update"
}
],
"title": "eyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7686",
"datePublished": "2026-05-03T07:30:12.937Z",
"dateReserved": "2026-05-02T16:03:17.517Z",
"dateUpdated": "2026-05-04T15:02:41.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7644 (GCVE-0-2026-7644)
Vulnerability from cvelistv5 – Published: 2026-05-02 15:00 – Updated: 2026-05-04 13:09| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360756 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/360756/cti | signaturepermissions-required |
| https://vuldb.com/submit/806851 | third-party-advisory |
| https://github.com/ChatGPTNextWeb/NextChat/issues/6757 | exploitissue-tracking |
| https://github.com/ChatGPTNextWeb/NextChat/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| ChatGPTNextWeb | NextChat |
Affected:
2.16.0
Affected: 2.16.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7644",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T13:08:36.355414Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T13:09:05.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NextChat",
"vendor": "ChatGPTNextWeb",
"versions": [
{
"status": "affected",
"version": "2.16.0"
},
{
"status": "affected",
"version": "2.16.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yu.Bao (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-02T15:00:13.502Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360756 | ChatGPTNextWeb NextChat actions.ts addMcpServer improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360756"
},
{
"name": "VDB-360756 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360756/cti"
},
{
"name": "Submit #806851 | ChatGPTNextWeb NextChat 2.16.1 Unauthenticated Remote Code Execution",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/806851"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/issues/6757"
},
{
"tags": [
"product"
],
"url": "https://github.com/ChatGPTNextWeb/NextChat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-01T18:39:12.000Z",
"value": "VulDB entry last update"
}
],
"title": "ChatGPTNextWeb NextChat actions.ts addMcpServer improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7644",
"datePublished": "2026-05-02T15:00:13.502Z",
"dateReserved": "2026-05-01T16:34:02.930Z",
"dateUpdated": "2026-05-04T13:09:05.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7631 (GCVE-0-2026-7631)
Vulnerability from cvelistv5 – Published: 2026-05-02 13:30 – Updated: 2026-05-04 17:51 X_Freeware| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360577 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/360577/cti | signaturepermissions-required |
| https://vuldb.com/submit/806565 | third-party-advisory |
| https://github.com/MyMySSS/CVE123/blob/main/cve2/… | exploit |
| https://code-projects.org/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Online Hospital Management System |
Affected:
1.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7631",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T16:19:44.348913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T17:51:26.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Registration Handler"
],
"product": "Online Hospital Management System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "MyMy (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-02T13:30:12.229Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360577 | code-projects Online Hospital Management System Registration improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/360577"
},
{
"name": "VDB-360577 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360577/cti"
},
{
"name": "Submit #806565 | Code-projects Online Hospital Management System V1.0 unauthorized access",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/806565"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/MyMySSS/CVE123/blob/main/cve2/cve2.md"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-01T16:36:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Online Hospital Management System Registration improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7631",
"datePublished": "2026-05-02T13:30:12.229Z",
"dateReserved": "2026-05-01T14:31:17.712Z",
"dateUpdated": "2026-05-04T17:51:26.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.