CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-57850 (GCVE-0-2026-57850)
Vulnerability from cvelistv5 – Published: 2026-07-10 19:53 – Updated: 2026-07-10 21:06- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/rustdesk/rustdesk/pull/15469 | issue-tracking |
| https://github.com/rustdesk/rustdesk/commit/493b1… | patch |
| https://github.com/rustdesk/rustdesk/releases/tag/1.4.9 | release-notes |
| https://github.com/rustdesk/rustdesk | product |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "RustDesk",
"vendor": "RustDesk",
"versions": [
{
"lessThan": "1.4.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rustdesk:rustdesk:*:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "sn0x-sharma"
}
],
"datePublic": "2026-07-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "RustDesk before 1.4.9 does not enforce a session\u0027s authorized connection scope on the server side, so a peer granted a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal) can send control messages and login options reserved for a full Remote session. An authenticated remote peer can exploit this missing scope check to act outside its granted scope, injecting out-of-scope control messages to observe and control the host beyond the permissions it was given."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T21:06:33.323Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Fix Pull Request #15469",
"tags": [
"issue-tracking"
],
"url": "https://github.com/rustdesk/rustdesk/pull/15469"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/rustdesk/rustdesk/commit/493b14ba78abc3dfb33f109c7f93c1c95a1dabc4"
},
{
"name": "RustDesk 1.4.9 Release",
"tags": [
"release-notes"
],
"url": "https://github.com/rustdesk/rustdesk/releases/tag/1.4.9"
},
{
"name": "Product",
"tags": [
"product"
],
"url": "https://github.com/rustdesk/rustdesk"
}
],
"title": "RustDesk before 1.4.9 Missing Session Scope Enforcement Allows Out-of-Scope Control Message Injection",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-57850",
"datePublished": "2026-07-10T19:53:21.336Z",
"dateReserved": "2026-06-25T18:48:00.282Z",
"dateUpdated": "2026-07-10T21:06:33.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57946 (GCVE-0-2026-57946)
Vulnerability from cvelistv5 – Published: 2026-06-29 17:18 – Updated: 2026-06-29 18:20 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/iv-org/invidious/releases/tag/… | release-notes |
| https://github.com/iv-org/invidious/issues/5775 | issue-tracking |
| https://github.com/iv-org/invidious/pull/5776 | issue-tracking |
| https://github.com/iv-org/invidious/commit/c435dc… | patch |
| https://www.vulncheck.com/advisories/invidious-pr… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57946",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T18:20:32.000439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T18:20:36.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/iv-org/invidious/issues/5775"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Invidious",
"repo": "https://github.com/iv-org/invidious",
"vendor": "iv-org",
"versions": [
{
"lessThan": "2.20260626.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Invidious before version 2.20260626.0 contains a broken access control vulnerability that allows unauthenticated attackers to retrieve private playlist contents by accessing the RSS feed playlist endpoint without authentication. Attackers can supply a playlist ID to the feed endpoint to obtain the full playlist contents, owner email address, and associated video entries without any authentication."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T17:18:27.637Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Release Notes",
"tags": [
"release-notes"
],
"url": "https://github.com/iv-org/invidious/releases/tag/v2.20260626.0"
},
{
"name": "Researcher Disclosure",
"tags": [
"issue-tracking"
],
"url": "https://github.com/iv-org/invidious/issues/5775"
},
{
"name": "Pull Request",
"tags": [
"issue-tracking"
],
"url": "https://github.com/iv-org/invidious/pull/5776"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/iv-org/invidious/commit/c435dc1204970bcca06bcdcfb116c22092be22fd"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/invidious-private-playlist-disclosure-via-unauthenticated-rss-feed-endpoint"
}
],
"tags": [
"x_open-source"
],
"title": "Invidious - Private Playlist Disclosure via Unauthenticated RSS Feed Endpoint",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-57946",
"datePublished": "2026-06-29T17:18:27.637Z",
"dateReserved": "2026-06-26T13:57:16.356Z",
"dateUpdated": "2026-06-29T18:20:36.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57949 (GCVE-0-2026-57949)
Vulnerability from cvelistv5 – Published: 2026-06-29 17:19 – Updated: 2026-06-30 11:15 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/YunaiV/ruoyi-vue-pro/issues/1159 | issue-tracking |
| https://github.com/YunaiV/ruoyi-vue-pro/commit/c7… | patch |
| https://www.vulncheck.com/advisories/ruoyi-vue-pr… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Yunai | ruoyi-vue-pro |
Affected:
0 , ≤ 2026.05
(custom)
Unaffected: c779a476617c58a38904191094d22df254b42542 (git) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57949",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T18:38:18.928444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T18:38:24.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/YunaiV/ruoyi-vue-pro/issues/1159"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ruoyi-vue-pro",
"repo": "https://github.com/YunaiV/ruoyi-vue-pro",
"vendor": "Yunai",
"versions": [
{
"lessThanOrEqual": "2026.05",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "c779a476617c58a38904191094d22df254b42542",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module\u0027s GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this by sending requests with arbitrary ID parameters to access other users\u0027 follow-up notes, file attachments, scheduling information, and business entity references without proper authorization checks."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T11:15:47.162Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Researcher Disclosure",
"tags": [
"issue-tracking"
],
"url": "https://github.com/YunaiV/ruoyi-vue-pro/issues/1159"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/YunaiV/ruoyi-vue-pro/commit/c779a476617c58a38904191094d22df254b42542"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ruoyi-vue-pro-missing-authorization-in-crm-follow-up-record-get-endpoint"
}
],
"tags": [
"x_open-source"
],
"title": "ruoyi-vue-pro - Missing Authorization in CRM Follow-up Record GET Endpoint",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-57949",
"datePublished": "2026-06-29T17:19:39.261Z",
"dateReserved": "2026-06-26T13:57:16.356Z",
"dateUpdated": "2026-06-30T11:15:47.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57952 (GCVE-0-2026-57952)
Vulnerability from cvelistv5 – Published: 2026-06-29 17:21 – Updated: 2026-06-29 18:15 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/its-a-feature/Mythic/releases/… | release-notes |
| https://github.com/its-a-feature/Mythic/issues/564 | issue-tracking |
| https://github.com/its-a-feature/Mythic/commit/82… | patch |
| https://www.vulncheck.com/advisories/mythic-unaut… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| its-a-feature | Mythic |
Affected:
0 , < 3.4.0.60
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T18:14:52.615981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T18:15:58.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mythic",
"repo": "https://github.com/its-a-feature/Mythic",
"vendor": "its-a-feature",
"versions": [
{
"lessThan": "3.4.0.60",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpoints with a known payload UUID from another operation to access that operation\u0027s C2 profile configuration including encryption keys and callback parameters."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T17:21:03.323Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Release Notes",
"tags": [
"release-notes"
],
"url": "https://github.com/its-a-feature/Mythic/releases/tag/v3.4.0.60"
},
{
"name": "Researcher Disclosure",
"tags": [
"issue-tracking"
],
"url": "https://github.com/its-a-feature/Mythic/issues/564"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/its-a-feature/Mythic/commit/82648e8241b800a32e1882afc310e7316d98ebaa"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/mythic-unauthorized-c2-profile-configuration-access-via-unverified-payload-uuid"
}
],
"tags": [
"x_open-source"
],
"title": "Mythic \u003c 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUID",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-57952",
"datePublished": "2026-06-29T17:21:03.323Z",
"dateReserved": "2026-06-26T13:59:33.047Z",
"dateUpdated": "2026-06-29T18:15:58.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57954 (GCVE-0-2026-57954)
Vulnerability from cvelistv5 – Published: 2026-06-29 17:21 – Updated: 2026-06-30 13:41 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/yahoo/elide/issues/3415 | issue-tracking |
| https://www.vulncheck.com/advisories/elide-permis… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57954",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:40:53.274225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:41:07.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/yahoo/elide/issues/3415"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:maven/com.yahoo.elide/elide-core",
"product": "elide",
"repo": "https://github.com/yahoo/elide",
"vendor": "yahoo",
"versions": [
{
"lessThanOrEqual": "7.1.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elide:elide:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.17",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across all rows via both JSON:API and GraphQL read paths."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T17:21:55.510Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Researcher Disclosure",
"tags": [
"issue-tracking"
],
"url": "https://github.com/yahoo/elide/issues/3415"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/elide-permission-bypass-in-sort-expression-validation"
}
],
"tags": [
"x_open-source"
],
"title": "Elide 7.1.17 - Permission Bypass in Sort Expression Validation",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-57954",
"datePublished": "2026-06-29T17:21:55.510Z",
"dateReserved": "2026-06-26T13:59:33.048Z",
"dateUpdated": "2026-06-30T13:41:07.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-58165 (GCVE-0-2026-58165)
Vulnerability from cvelistv5 – Published: 2026-06-30 15:49 – Updated: 2026-07-01 17:29 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/openziti/ziti/issues/4010 | technical-descriptionexploit |
| https://github.com/openziti/ziti/pull/4013 | issue-tracking |
| https://github.com/openziti/ziti/commit/3027fdffd… | patch |
| https://www.vulncheck.com/advisories/openziti-pri… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-58165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T03:55:57.538925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:29:19.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ziti",
"repo": "https://github.com/openziti/ziti",
"vendor": "openziti",
"versions": [
{
"lessThanOrEqual": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "3027fdffd3e57884487b7c46e5e669cfbc8becdf",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate function in controller/model/enrollment_manager.go verifies only that the target identity exists without performing authorization checks binding the caller to the target identity. Attackers can redeem the resulting one-time token through the unauthenticated client API enrollment endpoint to obtain a client certificate authenticating as the targeted admin identity, yielding full administrative control of the controller and the zero-trust overlay it manages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T15:49:12.654Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Researcher Disclosure",
"tags": [
"technical-description",
"exploit"
],
"url": "https://github.com/openziti/ziti/issues/4010"
},
{
"name": "Pull Request",
"tags": [
"issue-tracking"
],
"url": "https://github.com/openziti/ziti/pull/4013"
},
{
"name": "Fix Commit",
"tags": [
"patch"
],
"url": "https://github.com/openziti/ziti/commit/3027fdffd3e57884487b7c46e5e669cfbc8becdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/openziti-privilege-escalation-to-admin-via-unauthorized-enrollment-creation"
}
],
"tags": [
"x_open-source"
],
"title": "OpenZiti - Privilege Escalation to Admin via Unauthorized Enrollment Creation",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-58165",
"datePublished": "2026-06-30T15:49:12.654Z",
"dateReserved": "2026-06-29T16:03:38.521Z",
"dateUpdated": "2026-07-01T17:29:19.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-58167 (GCVE-0-2026-58167)
Vulnerability from cvelistv5 – Published: 2026-06-30 15:51 – Updated: 2026-06-30 17:51 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/ccfos/nightingale/releases/tag… | release-notes |
| https://github.com/ccfos/nightingale/issues/3173 | technical-description |
| https://github.com/ccfos/nightingale/pull/3175 | issue-tracking |
| https://github.com/ccfos/nightingale/commit/76281… | patch |
| https://www.vulncheck.com/advisories/nightingale-… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| ccfos | nightingale |
Affected:
0 , < 9.0.0-beta.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-58167",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T17:51:38.414928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T17:51:43.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "nightingale",
"repo": "https://github.com/ccfos/nightingale",
"vendor": "ccfos",
"versions": [
{
"lessThan": "9.0.0-beta.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-05-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Nightingale (n9e) before 9.0.0-beta.2 exposes full datasource configurations, including plaintext database passwords, HTTP bearer tokens, HTTP basic-auth passwords, and mTLS client keys, to any authenticated low-privilege (Standard role) user through POST /api/n9e/datasource/list. The route is registered without an admin authorization gate, unlike the sibling datasource mutation routes, and the open-source DatasourceFilter does not redact secret fields, so the secret-bearing settings, http, and auth objects are serialized in the response. The disclosed credentials enable access to the connected downstream systems."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T15:51:55.505Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Release Notes",
"tags": [
"release-notes"
],
"url": "https://github.com/ccfos/nightingale/releases/tag/v9.0.0-beta.2"
},
{
"name": "GitHub Issue",
"tags": [
"technical-description"
],
"url": "https://github.com/ccfos/nightingale/issues/3173"
},
{
"name": "Fix PR",
"tags": [
"issue-tracking"
],
"url": "https://github.com/ccfos/nightingale/pull/3175"
},
{
"name": "Fix Commit",
"tags": [
"patch"
],
"url": "https://github.com/ccfos/nightingale/commit/762819fbaa2350b73bce45bfaf6f8cf74b4abef8"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/nightingale-beta-2-datasource-credential-disclosure-to-low-privilege-users"
}
],
"tags": [
"x_open-source"
],
"title": "Nightingale \u003c 9.0.0-beta.2 - Datasource Credential Disclosure to Low-Privilege Users",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-58167",
"datePublished": "2026-06-30T15:51:55.505Z",
"dateReserved": "2026-06-29T16:03:38.521Z",
"dateUpdated": "2026-06-30T17:51:43.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-58168 (GCVE-0-2026-58168)
Vulnerability from cvelistv5 – Published: 2026-06-30 15:52 – Updated: 2026-06-30 16:48 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/HKUDS/DeepTutor/releases/tag/v1.4.10 | release-notes |
| https://github.com/HKUDS/DeepTutor/pull/579 | issue-tracking |
| https://github.com/HKUDS/DeepTutor/commit/9004637… | patch |
| https://www.vulncheck.com/advisories/deeptutor-in… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-58168",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T16:48:33.006727Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T16:48:55.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/HKUDS/DeepTutor/pull/579"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeepTutor",
"repo": "https://github.com/HKUDS/DeepTutor",
"vendor": "HKUDS",
"versions": [
{
"lessThan": "1.4.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chia Min Jun Lennon"
}
],
"datePublic": "2026-06-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "DeepTutor before version 1.4.10 contains an authorization bypass vulnerability that allows low-privilege users to invoke unrestricted MCP tools due to the allowed_mcp_tools function returning None instead of a denied result when mcp_tools is omitted from a user\u0027s grant in deeptutor/multi_user/tool_access.py. Attackers or prompt-injected content acting within a user session can enumerate and invoke any configured MCP tool, including filesystem, shell, and browser servers, gaining unauthorized access to sensitive deployment resources."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T15:52:22.032Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Release Notes",
"tags": [
"release-notes"
],
"url": "https://github.com/HKUDS/DeepTutor/releases/tag/v1.4.10"
},
{
"name": "Fix PR",
"tags": [
"issue-tracking"
],
"url": "https://github.com/HKUDS/DeepTutor/pull/579"
},
{
"name": "Fix Commit",
"tags": [
"patch"
],
"url": "https://github.com/HKUDS/DeepTutor/commit/90046374b3dcd4f8a866d2d64a64440bc08eb2ef"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/deeptutor-insecure-default-grants-unrestricted-mcp-tool-access-to-non-admin-users"
}
],
"tags": [
"x_open-source"
],
"title": "DeepTutor \u003c 1.4.10 - Insecure Default Grants Unrestricted MCP Tool Access to Non-Admin Users",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-58168",
"datePublished": "2026-06-30T15:52:22.032Z",
"dateReserved": "2026-06-29T16:03:38.521Z",
"dateUpdated": "2026-06-30T16:48:55.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-58176 (GCVE-0-2026-58176)
Vulnerability from cvelistv5 – Published: 2026-06-30 15:56 – Updated: 2026-07-01 14:39 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/dromara/RuoYi-Vue-Plus/issues/44 | technical-descriptionexploit |
| https://github.com/dromara/RuoYi-Vue-Plus/commit/… | patch |
| https://www.vulncheck.com/advisories/ruoyi-vue-pl… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| dromara | RuoYi-Vue-Plus |
Affected:
0 , ≤ 5.6.2
(semver)
Unaffected: 88d03d970d4d1e96e4fb2dfefaf19f627e8673e9 (git) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-58176",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T14:37:56.956228Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T14:39:29.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/dromara/RuoYi-Vue-Plus/issues/44"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RuoYi-Vue-Plus",
"repo": "https://github.com/dromara/RuoYi-Vue-Plus",
"vendor": "dromara",
"versions": [
{
"lessThanOrEqual": "5.6.2",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "88d03d970d4d1e96e4fb2dfefaf19f627e8673e9",
"versionType": "git"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dromara:ruoyi-vue-plus:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.6.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "RuoYi-Vue-Plus through 5.6.2, fixed in commit 88d03d9, exposes workflow task management endpoints under /workflow/task (FlwTaskController) without any permission check: the controller declares no class-level or method-level authorization annotation, so the endpoints are gated only by global authentication. Any authenticated user, regardless of assigned role, can therefore reassign workflow approval tasks to arbitrary users via updateAssignee (defeating segregation of duties in the approval process), urge arbitrary tasks, and enumerate all pending and finished tasks via the pageByAllTaskWait and pageByAllTaskFinish listing endpoints. The issue was resolved by adding permission identifiers (SaCheckPermission) to these endpoints."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T15:56:17.884Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Researcher Disclosure",
"tags": [
"technical-description",
"exploit"
],
"url": "https://github.com/dromara/RuoYi-Vue-Plus/issues/44"
},
{
"name": "Fix Commit",
"tags": [
"patch"
],
"url": "https://github.com/dromara/RuoYi-Vue-Plus/commit/88d03d970d4d1e96e4fb2dfefaf19f627e8673e9"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ruoyi-vue-plus-missing-authorization-on-workflow-task-management-endpoints"
}
],
"tags": [
"x_open-source"
],
"title": "RuoYi-Vue-Plus - Missing Authorization on Workflow Task Management Endpoints",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-58176",
"datePublished": "2026-06-30T15:56:17.884Z",
"dateReserved": "2026-06-29T16:23:52.713Z",
"dateUpdated": "2026-07-01T14:39:29.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-58373 (GCVE-0-2026-58373)
Vulnerability from cvelistv5 – Published: 2026-06-30 15:58 – Updated: 2026-06-30 16:46 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/cvat-ai/cvat/releases/tag/v2.69.0 | release-notes |
| https://github.com/cvat-ai/cvat/pull/10807 | issue-tracking |
| https://github.com/cvat-ai/cvat/commit/27953f19d2… | patch |
| https://www.vulncheck.com/advisories/cvat-missing… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-58373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T16:46:26.096798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T16:46:37.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cvat",
"repo": "https://github.com/cvat-ai/cvat",
"vendor": "cvat-ai",
"versions": [
{
"lessThan": "2.69.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cvat:cvat:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.69.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CVAT before 2.69.0 contains an improper authorization vulnerability in QualityReportViewSet.get_queryset that allows authenticated attackers to enumerate quality report identifiers belonging to other organizations by exploiting a missing check_object_permissions call on the parent_id query parameter of the quality reports API endpoint. Attackers can send requests with sequential integer parent_id values and distinguish between existing and non-existing reports via HTTP 500 versus HTTP 404 response differences, disclosing cross-organization report existence without returning report content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T15:58:22.129Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Release Notes",
"tags": [
"release-notes"
],
"url": "https://github.com/cvat-ai/cvat/releases/tag/v2.69.0"
},
{
"name": "Fix PR",
"tags": [
"issue-tracking"
],
"url": "https://github.com/cvat-ai/cvat/pull/10807"
},
{
"name": "Fix Commit",
"tags": [
"patch"
],
"url": "https://github.com/cvat-ai/cvat/commit/27953f19d2265f8b495369f816730a7452db791b"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cvat-missing-authorization-on-quality-reports-parent-id-filter-leaks-cross-organization-report-existence"
}
],
"tags": [
"x_open-source"
],
"title": "CVAT \u003c 2.69.0 - Missing Authorization on Quality Reports parent_id Filter Leaks Cross-Organization Report Existence",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-58373",
"datePublished": "2026-06-30T15:58:22.129Z",
"dateReserved": "2026-06-30T12:32:16.547Z",
"dateUpdated": "2026-06-30T16:46:37.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.