Common Weakness Enumeration
CWE-266
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CVE-2026-12778 (GCVE-0-2026-12778)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:00 – Updated: 2026-06-22 13:33
VLAI
Title
AOMEI Partition Assistant Kernel Driver ampa10.sys access control
Summary
A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372519 | vdb-entry |
| https://vuldb.com/vuln/372519/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12778 | third-party-advisory |
| https://vuldb.com/submit/835607 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| AOMEI | Partition Assistant | Affected: 10.10.0, 10.10.1; `cpe:2.3:a:aomei:partition_assistant:*:*:*:*:*:*:*:*` |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12778",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T13:33:32.271119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T13:33:40.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:aomei:partition_assistant:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Assistant",
"vendor": "AOMEI",
"versions": [
{
"status": "affected",
"version": "10.10.0"
},
{
"status": "affected",
"version": "10.10.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:00:08.462Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372519 | AOMEI Partition Assistant Kernel Driver ampa10.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372519"
},
{
"name": "VDB-372519 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372519/cti"
},
{
"name": "CVE-2026-12778 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12778"
},
{
"name": "Submit #835607 | AOMEI AOMEI Partition Assistant Kernel Driver ampa10.sys 10.10.1 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835607"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/aomei-partition-assistant-10101-kernel-driver-ampa10sys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:41:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "AOMEI Partition Assistant Kernel Driver ampa10.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12778",
"datePublished": "2026-06-21T05:00:08.462Z",
"dateReserved": "2026-06-20T09:36:06.162Z",
"dateUpdated": "2026-06-22T13:33:40.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12779 (GCVE-0-2026-12779)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:15 – Updated: 2026-06-22 17:19
VLAI
Title
AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control
Summary
A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372520 | vdb-entry |
| https://vuldb.com/vuln/372520/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12779 | third-party-advisory |
| https://vuldb.com/submit/835608 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| AOMEI | Dynamic Disk Manager | Affected: 10.10.0, 10.10.1; `cpe:2.3:a:aomei:dynamic_disk_manager:*:*:*:*:*:*:*:*` |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12779",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T17:19:41.625705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T17:19:50.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:aomei:dynamic_disk_manager:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Dynamic Disk Manager",
"vendor": "AOMEI",
"versions": [
{
"status": "affected",
"version": "10.10.0"
},
{
"status": "affected",
"version": "10.10.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:15:07.936Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372520 | AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372520"
},
{
"name": "VDB-372520 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372520/cti"
},
{
"name": "CVE-2026-12779 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12779"
},
{
"name": "Submit #835608 | AOMEI AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys 10.10.1 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835608"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/aomei-dynamic-disk-manager-10101-kernel-driver-ddmdrvsys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:41:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12779",
"datePublished": "2026-06-21T05:15:07.936Z",
"dateReserved": "2026-06-20T09:36:08.901Z",
"dateUpdated": "2026-06-22T17:19:50.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12780 (GCVE-0-2026-12780)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:30 – Updated: 2026-06-22 16:13
VLAI
Title
AOMEI Backupper Kernel Driver amwrtdrv.sys access control
Summary
A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372521 | vdb-entry |
| https://vuldb.com/vuln/372521/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12780 | third-party-advisory |
| https://vuldb.com/submit/835609 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12780",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T16:12:11.602552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:13:04.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:aomei:backupper:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Backupper",
"vendor": "AOMEI",
"versions": [
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.2"
},
{
"status": "affected",
"version": "8.3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:30:08.835Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372521 | AOMEI Backupper Kernel Driver amwrtdrv.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372521"
},
{
"name": "VDB-372521 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372521/cti"
},
{
"name": "CVE-2026-12780 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12780"
},
{
"name": "Submit #835609 | AOMEI AOMEI Backupper Kernel Driver amwrtdrv.sys 8.3.0 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835609"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/aomei-backupper-830-kernel-driver-amwrtdrvsys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:41:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "AOMEI Backupper Kernel Driver amwrtdrv.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12780",
"datePublished": "2026-06-21T05:30:08.835Z",
"dateReserved": "2026-06-20T09:36:11.510Z",
"dateUpdated": "2026-06-22T16:13:04.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12781 (GCVE-0-2026-12781)
Vulnerability from cvelistv5 – Published: 2026-06-21 05:45 – Updated: 2026-06-22 10:57
VLAI
Title
EaseUS Partition Master Kernel Driver epmntdrv.sys access control
Summary
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly available and might be used. You should upgrade the affected component. The vendor explains: "We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists."
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372522 | vdb-entry |
| https://vuldb.com/vuln/372522/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12781 | third-party-advisory |
| https://vuldb.com/submit/835611 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| https://www.easeus.com/partition-manager/ | patch |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| EaseUS | Partition Master | Affected: 14.0, 14.1, 14.2, 14.3, 14.4, 14.5; `cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:*` |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12781",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T10:56:48.314457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T10:57:03.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Master",
"vendor": "EaseUS",
"versions": [
{
"status": "affected",
"version": "14.0"
},
{
"status": "affected",
"version": "14.1"
},
{
"status": "affected",
"version": "14.2"
},
{
"status": "affected",
"version": "14.3"
},
{
"status": "affected",
"version": "14.4"
},
{
"status": "affected",
"version": "14.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly available and might be used. You should upgrade the affected component. The vendor explains: \"We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T05:45:07.032Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372522 | EaseUS Partition Master Kernel Driver epmntdrv.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372522"
},
{
"name": "VDB-372522 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372522/cti"
},
{
"name": "CVE-2026-12781 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12781"
},
{
"name": "Submit #835611 | EaseUS Partition Master Kernel Driver epmntdrv.sys 14.5 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835611"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/easeus-partition-master-145-kernel-driver-epmntdrvsys-local-privilege-escalation"
},
{
"tags": [
"patch"
],
"url": "https://www.easeus.com/partition-manager/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:45:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "EaseUS Partition Master Kernel Driver epmntdrv.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12781",
"datePublished": "2026-06-21T05:45:07.032Z",
"dateReserved": "2026-06-20T09:39:48.265Z",
"dateUpdated": "2026-06-22T10:57:03.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12782 (GCVE-0-2026-12782)
Vulnerability from cvelistv5 – Published: 2026-06-21 06:00 – Updated: 2026-06-23 02:44
VLAI
Title
EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control
Summary
A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The affected component should be upgraded. The vendor explains: "We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists."
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372523 | vdb-entry |
| https://vuldb.com/vuln/372523/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12782 | third-party-advisory |
| https://vuldb.com/submit/835612 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
| https://www.easeus.com/partition-manager/ | patch |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| EaseUS | Partition Master | Affected: 14.0, 14.1, 14.2, 14.3, 14.4, 14.5; `cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:*` |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12782",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T02:43:56.232731Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T02:44:08.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:easeus:partition_master:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Master",
"vendor": "EaseUS",
"versions": [
{
"status": "affected",
"version": "14.0"
},
{
"status": "affected",
"version": "14.1"
},
{
"status": "affected",
"version": "14.2"
},
{
"status": "affected",
"version": "14.3"
},
{
"status": "affected",
"version": "14.4"
},
{
"status": "affected",
"version": "14.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The affected component should be upgraded. The vendor explains: \"We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T06:00:10.299Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372523 | EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372523"
},
{
"name": "VDB-372523 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372523/cti"
},
{
"name": "CVE-2026-12782 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12782"
},
{
"name": "Submit #835612 | EaseUS Partition Master Kernel Driver EUEDKEPM.sys 14.5 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835612"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/easeus-partition-master-145-kernel-driver-euedkepmsys-local-privilege-escalation"
},
{
"tags": [
"patch"
],
"url": "https://www.easeus.com/partition-manager/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:45:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12782",
"datePublished": "2026-06-21T06:00:10.299Z",
"dateReserved": "2026-06-20T09:39:50.652Z",
"dateUpdated": "2026-06-23T02:44:08.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12784 (GCVE-0-2026-12784)
Vulnerability from cvelistv5 – Published: 2026-06-21 07:00 – Updated: 2026-06-22 18:12
VLAI
Title
IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control
Summary
A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372524 | vdb-entry |
| https://vuldb.com/vuln/372524/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12784 | third-party-advisory |
| https://vuldb.com/submit/835613 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| IM-Magic | Partition Resizer | Affected: 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9.0; `cpe:2.3:a:im-magic:partition_resizer:*:*:*:*:*:*:*:*` |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12784",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T18:06:49.836208Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T18:12:25.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:im-magic:partition_resizer:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "Partition Resizer",
"vendor": "IM-Magic",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.9.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T07:00:07.040Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372524 | IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372524"
},
{
"name": "VDB-372524 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372524/cti"
},
{
"name": "CVE-2026-12784 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12784"
},
{
"name": "Submit #835613 | IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys 7.9.0 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835613"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/im-magic-partition-resizer-790-kernel-driver-mda-ntdrvsys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:46:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12784",
"datePublished": "2026-06-21T07:00:07.040Z",
"dateReserved": "2026-06-20T09:41:41.728Z",
"dateUpdated": "2026-06-22T18:12:25.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12786 (GCVE-0-2026-12786)
Vulnerability from cvelistv5 – Published: 2026-06-21 07:15 – Updated: 2026-06-22 13:37
Title
Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control
Summary
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372528 | vdb-entry |
| https://vuldb.com/vuln/372528/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12786 | third-party-advisory |
| https://vuldb.com/submit/835614 | third-party-advisory |
| https://winslow1984.com/books/cve-collection/page… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ezbsystems | UltraISO Premium Edition | Affected: 9.0, 9.1, 9.2, 9.3, 9.4, 9.5, 9.6, 9.7, 9.8, 9.9, 9.10, 9.11, 9.12, 9.13, 9.14, 9.15, 9.16, 9.17, 9.18, 9.19, 9.20, 9.21, 9.22, 9.23, 9.24, 9.25, 9.26, 9.27, 9.28, 9.29, 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.36, 9.37, 9.38, 9.39, 9.40, 9.41, 9.42, 9.43, 9.44, 9.45, 9.46, 9.47, 9.48, 9.49, 9.50, 9.51, 9.52, 9.53, 9.54, 9.55, 9.56, 9.57, 9.58, 9.59, 9.60, 9.61, 9.62, 9.63, 9.64, 9.65, 9.66, 9.67, 9.68, 9.69, 9.70, 9.71, 9.72, 9.73, 9.74, 9.75, 9.76 | cpe:2.3:a:ezbsystems:ultraiso_premium_edition:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12786",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T13:36:48.924481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T13:37:02.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ezbsystems:ultraiso_premium_edition:*:*:*:*:*:*:*:*"
],
"modules": [
"Kernel Driver"
],
"product": "UltraISO Premium Edition",
"vendor": "Ezbsystems",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.1"
},
{
"status": "affected",
"version": "9.2"
},
{
"status": "affected",
"version": "9.3"
},
{
"status": "affected",
"version": "9.4"
},
{
"status": "affected",
"version": "9.5"
},
{
"status": "affected",
"version": "9.6"
},
{
"status": "affected",
"version": "9.7"
},
{
"status": "affected",
"version": "9.8"
},
{
"status": "affected",
"version": "9.9"
},
{
"status": "affected",
"version": "9.10"
},
{
"status": "affected",
"version": "9.11"
},
{
"status": "affected",
"version": "9.12"
},
{
"status": "affected",
"version": "9.13"
},
{
"status": "affected",
"version": "9.14"
},
{
"status": "affected",
"version": "9.15"
},
{
"status": "affected",
"version": "9.16"
},
{
"status": "affected",
"version": "9.17"
},
{
"status": "affected",
"version": "9.18"
},
{
"status": "affected",
"version": "9.19"
},
{
"status": "affected",
"version": "9.20"
},
{
"status": "affected",
"version": "9.21"
},
{
"status": "affected",
"version": "9.22"
},
{
"status": "affected",
"version": "9.23"
},
{
"status": "affected",
"version": "9.24"
},
{
"status": "affected",
"version": "9.25"
},
{
"status": "affected",
"version": "9.26"
},
{
"status": "affected",
"version": "9.27"
},
{
"status": "affected",
"version": "9.28"
},
{
"status": "affected",
"version": "9.29"
},
{
"status": "affected",
"version": "9.30"
},
{
"status": "affected",
"version": "9.31"
},
{
"status": "affected",
"version": "9.32"
},
{
"status": "affected",
"version": "9.33"
},
{
"status": "affected",
"version": "9.34"
},
{
"status": "affected",
"version": "9.35"
},
{
"status": "affected",
"version": "9.36"
},
{
"status": "affected",
"version": "9.37"
},
{
"status": "affected",
"version": "9.38"
},
{
"status": "affected",
"version": "9.39"
},
{
"status": "affected",
"version": "9.40"
},
{
"status": "affected",
"version": "9.41"
},
{
"status": "affected",
"version": "9.42"
},
{
"status": "affected",
"version": "9.43"
},
{
"status": "affected",
"version": "9.44"
},
{
"status": "affected",
"version": "9.45"
},
{
"status": "affected",
"version": "9.46"
},
{
"status": "affected",
"version": "9.47"
},
{
"status": "affected",
"version": "9.48"
},
{
"status": "affected",
"version": "9.49"
},
{
"status": "affected",
"version": "9.50"
},
{
"status": "affected",
"version": "9.51"
},
{
"status": "affected",
"version": "9.52"
},
{
"status": "affected",
"version": "9.53"
},
{
"status": "affected",
"version": "9.54"
},
{
"status": "affected",
"version": "9.55"
},
{
"status": "affected",
"version": "9.56"
},
{
"status": "affected",
"version": "9.57"
},
{
"status": "affected",
"version": "9.58"
},
{
"status": "affected",
"version": "9.59"
},
{
"status": "affected",
"version": "9.60"
},
{
"status": "affected",
"version": "9.61"
},
{
"status": "affected",
"version": "9.62"
},
{
"status": "affected",
"version": "9.63"
},
{
"status": "affected",
"version": "9.64"
},
{
"status": "affected",
"version": "9.65"
},
{
"status": "affected",
"version": "9.66"
},
{
"status": "affected",
"version": "9.67"
},
{
"status": "affected",
"version": "9.68"
},
{
"status": "affected",
"version": "9.69"
},
{
"status": "affected",
"version": "9.70"
},
{
"status": "affected",
"version": "9.71"
},
{
"status": "affected",
"version": "9.72"
},
{
"status": "affected",
"version": "9.73"
},
{
"status": "affected",
"version": "9.74"
},
{
"status": "affected",
"version": "9.75"
},
{
"status": "affected",
"version": "9.76"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "winslow1984 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T07:15:07.752Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372528 | Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372528"
},
{
"name": "VDB-372528 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372528/cti"
},
{
"name": "CVE-2026-12786 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12786"
},
{
"name": "Submit #835614 | UltraISO Premium Edition Kernel Driver bootpt64.sys 9.76 Local Privilege Escapation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/835614"
},
{
"tags": [
"exploit"
],
"url": "https://winslow1984.com/books/cve-collection/page/ultraiso-premium-976-kernel-driver-bootpt64sys-local-privilege-escalation"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T11:59:15.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12786",
"datePublished": "2026-06-21T07:15:07.752Z",
"dateReserved": "2026-06-20T09:54:11.353Z",
"dateUpdated": "2026-06-22T13:37:02.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12799 (GCVE-0-2026-12799)
Vulnerability from cvelistv5 – Published: 2026-06-21 10:00 – Updated: 2026-06-22 16:17
Title
BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization
Summary
A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372561 | vdb-entry, technical-description |
| https://vuldb.com/vuln/372561/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12799 | third-party-advisory |
| https://vuldb.com/submit/811291 | third-party-advisory |
| https://gist.github.com/YLChen-007/3ace22e33e468d… | exploit |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12799",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T16:16:34.425795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:17:02.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://vuldb.com/submit/811291"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*"
],
"modules": [
"Incomplete Fix CVE-2025-0628"
],
"product": "litellm",
"vendor": "BerriAI",
"versions": [
{
"status": "affected",
"version": "1.82.0"
},
{
"status": "affected",
"version": "1.82.1"
},
{
"status": "affected",
"version": "1.82.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-d (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T10:00:08.928Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372561 | BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/372561"
},
{
"name": "VDB-372561 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372561/cti"
},
{
"name": "CVE-2026-12799 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12799"
},
{
"name": "Submit #811291 | litellm \u003c= 1.82.2 Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/811291"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/YLChen-007/3ace22e33e468d0166fe609c9fdf4184"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-20T19:17:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12799",
"datePublished": "2026-06-21T10:00:08.928Z",
"dateReserved": "2026-06-20T17:12:23.228Z",
"dateUpdated": "2026-06-22T16:17:02.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12823 (GCVE-0-2026-12823)
Vulnerability from cvelistv5 – Published: 2026-06-21 23:45 – Updated: 2026-06-23 14:19
Title
Browserbase Autobrowse Trace Artifact default permission
Summary
A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/372613 | vdb-entry |
| https://vuldb.com/vuln/372613/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-12823 | third-party-advisory |
| https://vuldb.com/submit/837600 | third-party-advisory |
| https://github.com/NARKHEDE-VAIBHAV/poc/blob/main… | exploit |
| https://github.com/NARKHEDE-VAIBHAV/poc/blob/main… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Browserbase | Affected: 20260526 | cpe:2.3:a:browserbase:browserbase:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12823",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T14:02:23.565503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T14:19:20.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:browserbase:browserbase:*:*:*:*:*:*:*:*"
],
"modules": [
"Autobrowse Trace Artifact Handler"
],
"product": "Browserbase",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "20260526"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vaibhavnarkhede (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "vaibhavnarkhede (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-21T23:45:08.247Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-372613 | Browserbase Autobrowse Trace Artifact default permission",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/372613"
},
{
"name": "VDB-372613 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/372613/cti"
},
{
"name": "CVE-2026-12823 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-12823"
},
{
"name": "Submit #837600 | Browserbase Browserbase Skills latest main branch prior to fix (tested May 2026) Information Disclosure / Insecure File Permissions",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/837600"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/Advisory.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/poc.sh"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-21T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-21T18:16:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "Browserbase Autobrowse Trace Artifact default permission"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-12823",
"datePublished": "2026-06-21T23:45:08.247Z",
"dateReserved": "2026-06-21T13:17:40.650Z",
"dateUpdated": "2026-06-23T14:19:20.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-13511 (GCVE-0-2026-13511)
Vulnerability from cvelistv5 – Published: 2026-06-28 22:30 – Updated: 2026-06-29 12:59
Title
VoltAgent Memory REST API memory.handlers.ts handleGetMemoryConversation improper authorization
Summary
A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/374519 | vdb-entry, technical-description |
| https://vuldb.com/vuln/374519/cti | signature, permissions-required |
| https://vuldb.com/cve/CVE-2026-13511 | third-party-advisory |
| https://vuldb.com/submit/838873 | third-party-advisory |
| https://github.com/VoltAgent/voltagent/issues/1315 | exploit, issue-tracking |
| https://github.com/VoltAgent/voltagent/pull/1317 | issue-tracking, patch |
| https://github.com/VoltAgent/voltagent/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | VoltAgent | Affected: 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.1.10, 2.1.11, 2.1.12, 2.1.13, 2.1.14, 2.1.15, 2.1.16, 2.1.17 | cpe:2.3:a:voltagent:voltagent:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13511",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T12:59:51.199975Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T12:59:59.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:voltagent:voltagent:*:*:*:*:*:*:*:*"
],
"modules": [
"Memory REST API"
],
"product": "VoltAgent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.1.5"
},
{
"status": "affected",
"version": "2.1.6"
},
{
"status": "affected",
"version": "2.1.7"
},
{
"status": "affected",
"version": "2.1.8"
},
{
"status": "affected",
"version": "2.1.9"
},
{
"status": "affected",
"version": "2.1.10"
},
{
"status": "affected",
"version": "2.1.11"
},
{
"status": "affected",
"version": "2.1.12"
},
{
"status": "affected",
"version": "2.1.13"
},
{
"status": "affected",
"version": "2.1.14"
},
{
"status": "affected",
"version": "2.1.15"
},
{
"status": "affected",
"version": "2.1.16"
},
{
"status": "affected",
"version": "2.1.17"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem000000 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-28T22:30:11.528Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-374519 | VoltAgent Memory REST API memory.handlers.ts handleGetMemoryConversation improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/374519"
},
{
"name": "VDB-374519 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/374519/cti"
},
{
"name": "CVE-2026-13511 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-13511"
},
{
"name": "Submit #838873 | VoltAgent 2.1.17 Improper Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/838873"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/VoltAgent/voltagent/issues/1315"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/VoltAgent/voltagent/pull/1317"
},
{
"tags": [
"product"
],
"url": "https://github.com/VoltAgent/voltagent/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-28T08:34:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "VoltAgent Memory REST API memory.handlers.ts handleGetMemoryConversation improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-13511",
"datePublished": "2026-06-28T22:30:11.528Z",
"dateReserved": "2026-06-28T06:28:57.591Z",
"dateUpdated": "2026-06-29T12:59:59.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.