CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-59227 (GCVE-0-2026-59227)
Vulnerability from cvelistv5 – Published: 2026-07-09 15:56 – Updated: 2026-07-09 15:56| URL | Tags |
|---|---|
| https://github.com/open-webui/open-webui/security… | x_refsource_CONFIRM |
| https://github.com/open-webui/open-webui/pull/26009 | x_refsource_MISC |
| https://github.com/open-webui/open-webui/commit/e… | x_refsource_MISC |
| https://github.com/open-webui/open-webui/releases… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| open-webui | open-webui |
Affected:
>= 0.8.11, < 0.10.0
|
{
"containers": {
"cna": {
"affected": [
{
"product": "open-webui",
"vendor": "open-webui",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.8.11, \u003c 0.10.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to invoke server-side image editing with administrator-configured provider credentials. This issue is fixed in version 0.10.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T15:56:44.042Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/open-webui/open-webui/security/advisories/GHSA-rqj7-6wrp-6g2g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/open-webui/open-webui/security/advisories/GHSA-rqj7-6wrp-6g2g"
},
{
"name": "https://github.com/open-webui/open-webui/pull/26009",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-webui/open-webui/pull/26009"
},
{
"name": "https://github.com/open-webui/open-webui/commit/e038bab66dec8d17212eec35b5cb6d6b785a4200",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-webui/open-webui/commit/e038bab66dec8d17212eec35b5cb6d6b785a4200"
},
{
"name": "https://github.com/open-webui/open-webui/releases/tag/v0.10.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-webui/open-webui/releases/tag/v0.10.0"
}
],
"source": {
"advisory": "GHSA-rqj7-6wrp-6g2g",
"discovery": "UNKNOWN"
},
"title": "Open WebUI: POST /api/v1/images/edit bypasses the global image-edit switch and the per-user image-generation permission"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-59227",
"datePublished": "2026-07-09T15:56:44.042Z",
"dateReserved": "2026-07-02T21:05:02.925Z",
"dateUpdated": "2026-07-09T15:56:44.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-59262 (GCVE-0-2026-59262)
Vulnerability from cvelistv5 – Published: 2026-07-08 15:44 – Updated: 2026-07-08 19:34- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/toeverything/AFFiNE/issues/15179 | issue-tracking |
| https://github.com/toeverything/AFFiNE | product |
| https://github.com/toeverything/AFFiNE/commit/1f0… | patch |
| https://www.vulncheck.com/advisories/affine-unaut… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-59262",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T17:43:26.413343Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T19:34:54.213Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/toeverything/AFFiNE/issues/15179"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageURL": "pkg:npm/affine/monorepo",
"product": "monorepo",
"vendor": "affine",
"versions": [
{
"lessThan": "0.26.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1f0bcd0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "George Chen"
}
],
"datePublic": "2026-06-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AFFiNE\u0027s histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails, and timestamps of private pages they lack access to."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T15:44:07.878Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Issue",
"tags": [
"issue-tracking"
],
"url": "https://github.com/toeverything/AFFiNE/issues/15179"
},
{
"name": "Product",
"tags": [
"product"
],
"url": "https://github.com/toeverything/AFFiNE"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/toeverything/AFFiNE/commit/1f0bcd01a37a522393fc1b288395e3a72a79ccad"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/affine-unauthorized-document-edit-history-access-via-graphql-histories-field"
}
],
"title": "AFFiNE - Unauthorized Document Edit History Access via GraphQL histories Field",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-59262",
"datePublished": "2026-07-08T15:44:07.878Z",
"dateReserved": "2026-07-04T12:17:14.302Z",
"dateUpdated": "2026-07-08T19:34:54.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5944 (GCVE-0-2026-5944)
Vulnerability from cvelistv5 – Published: 2026-04-28 13:06 – Updated: 2026-04-28 14:14 X_Api Security X_Unauthenticated Access X_Cisco Intersight Device Connector X_Prism Central X_Port 7373| URL | Tags |
|---|---|
| https://download.nutanix.com/alerts/Security_Advi… | vendor-advisory |
| https://portal.nutanix.com/page/documents/list?ty… | release-notes |
| https://www.nutanix.com/support | x_support |
| Vendor | Product | Version | |
|---|---|---|---|
| Nutanix | Cisco Intersight Device Connector for Prism Central |
Affected:
4.3.0 , < 7.5.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5944",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:14:48.970984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:14:58.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cisco Intersight Device Connector for Prism Central",
"vendor": "Nutanix",
"versions": [
{
"changes": [
{
"at": "7.5.1",
"status": "unaffected"
}
],
"lessThan": "7.5.1",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe vulnerability is exploitable only when the Cisco Intersight Device Connector has been manually installed via the Prism Central Marketplace. If the connector is not enabled, the affected service and TCP port 7373 remain closed and unexposed.\u003c/p\u003e\u003cp\u003eOrganizations are impacted only when the connector is active and running a version greater than or equal to 4.3.0 and less than 7.5.1, which can be verified by navigating to the Admin Center in Prism Central, selecting the My Apps tab and verifying the installation status and version of the Cisco Intersight Device Connector.\u003c/p\u003e"
}
],
"value": "The vulnerability is exploitable only when the Cisco Intersight Device Connector has been manually installed via the Prism Central Marketplace. If the connector is not enabled, the affected service and TCP port 7373 remain closed and unexposed.\nOrganizations are impacted only when the connector is active and running a version greater than or equal to 4.3.0 and less than 7.5.1, which can be verified by navigating to the Admin Center in Prism Central, selecting the My Apps tab and verifying the installation status and version of the Cisco Intersight Device Connector."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nutanix:cisco_intersight_device_connector_for_prism_central:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.5.1",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "External Security Researcher (via Cisco)"
}
],
"datePublic": "2026-04-28T13:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication.\u003c/p\u003e\u003cp\u003eAn unauthenticated attacker with network access can exploit this vulnerability by sending crafted requests to the exposed endpoint to enumerate cluster metadata, including virtual machine information and cluster configuration details. While the API primarily supports read-only operations, it also allows certain cluster maintenance workflows to be invoked.\u003c/p\u003e\u003cp\u003eAlthough this vulnerability does not allow persistent modification of system configurations or access to credentials or sensitive user data, successful exploitation may result in disruption of active workloads, leading to loss of service availability within the affected environment.\u003c/p\u003e"
}
],
"value": "An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication.\n\n\n\nAn unauthenticated attacker with network access can exploit this vulnerability by sending crafted requests to the exposed endpoint to enumerate cluster metadata, including virtual machine information and cluster configuration details. While the API primarily supports read-only operations, it also allows certain cluster maintenance workflows to be invoked.\n\n\n\nAlthough this vulnerability does not allow persistent modification of system configurations or access to credentials or sensitive user data, successful exploitation may result in disruption of active workloads, leading to loss of service availability within the affected environment."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Nutanix Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\u003c/p\u003e"
}
],
"value": "The Nutanix Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:U/V:C/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CNA",
"version": "2.0.3"
},
"type": "ssvc"
},
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing authentication for critical function",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T13:06:35.686Z",
"orgId": "2ffdacf6-8681-47df-b023-4f11abd61c1d",
"shortName": "Nutanix"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://download.nutanix.com/alerts/Security_Advisory_0046.pdf"
},
{
"tags": [
"release-notes"
],
"url": "https://portal.nutanix.com/page/documents/list?type=software\u0026filterKey=software\u0026filterVal=Prism"
},
{
"tags": [
"x_support"
],
"url": "https://www.nutanix.com/support"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNutanix has released version 7.5.1 of the Cisco Intersight Device Connector:\u003c/p\u003e\u003cul\u003e\u003cli\u003eLog in to Prism Central (PC) and navigate to the Life Cycle Manager (LCM) Dashboard.\u003c/li\u003e\u003cli\u003eClick \"Perform Inventory\" or \"Get Full Inventory\" to refresh the inventory.\u003c/li\u003e\u003cli\u003eAfter the inventory refresh completes, navigate to the Marketplace.\u003c/li\u003e\u003cli\u003eSelect the Cisco Intersight Device Connector.\u003c/li\u003e\u003cli\u003eClick \"Upgrade\" to update to version 7.5.1 or later.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Nutanix has released version 7.5.1 of the Cisco Intersight Device Connector:\n * Log in to Prism Central (PC) and navigate to the Life Cycle Manager (LCM) Dashboard.\n * Click \"Perform Inventory\" or \"Get Full Inventory\" to refresh the inventory.\n * After the inventory refresh completes, navigate to the Marketplace.\n * Select the Cisco Intersight Device Connector.\n * Click \"Upgrade\" to update to version 7.5.1 or later."
}
],
"source": {
"advisory": "nutanix-sa-0046",
"discovery": "EXTERNAL"
},
"tags": [
"x_api-security",
"x_unauthenticated-access",
"x_cisco-intersight-device-connector",
"x_prism-central",
"x_port-7373"
],
"timeline": [
{
"lang": "en",
"time": "2026-04-08T15:45:00.000Z",
"value": "Initial vulnerability analysis and internal update"
},
{
"lang": "en",
"time": "2026-04-08T18:30:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2026-04-28T13:06:00.000Z",
"value": "Advisory published"
}
],
"title": "Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf upgrading the Cisco Intersight Device Connector to version 7.5.1 or later is not immediately possible, restrict access to TCP port 7373 by limiting the service to internal traffic only:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEstablish an SSH session to Prism Central (PC).\u003c/li\u003e\u003cli\u003eExecute the following command to reconfigure the service visibility to internal traffic only: \u003ccode\u003esudo kubectl -n pc-platform-other annotate service cisco-device-connector service.msp.ntnx.io/lb=pc-internal --overwrite\u003c/code\u003e\u003c/li\u003e\u003cli\u003eRun the following command: \u003ccode\u003esudo kubectl get svc -n pc-platform-other\u003c/code\u003e and verify that the Cisco Intersight Device Connector is no longer associated with the Prism Central public IP address.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "If upgrading the Cisco Intersight Device Connector to version 7.5.1 or later is not immediately possible, restrict access to TCP port 7373 by limiting the service to internal traffic only:\n * Establish an SSH session to Prism Central (PC).\n * Execute the following command to reconfigure the service visibility to internal traffic only: sudo kubectl -n pc-platform-other annotate service cisco-device-connector service.msp.ntnx.io/lb=pc-internal --overwrite\n * Run the following command: sudo kubectl get svc -n pc-platform-other and verify that the Cisco Intersight Device Connector is no longer associated with the Prism Central public IP address."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "2ffdacf6-8681-47df-b023-4f11abd61c1d",
"assignerShortName": "Nutanix",
"cveId": "CVE-2026-5944",
"datePublished": "2026-04-28T13:06:35.686Z",
"dateReserved": "2026-04-09T05:40:22.214Z",
"dateUpdated": "2026-04-28T14:14:58.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-59704 (GCVE-0-2026-59704)
Vulnerability from cvelistv5 – Published: 2026-07-07 22:18 – Updated: 2026-07-09 18:44- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/CapSoftware/Cap/issues/1981 | issue-tracking |
| https://github.com/CapSoftware/Cap | product |
| https://github.com/CapSoftware/Cap/commit/8d48642… | patch |
| https://www.vulncheck.com/advisories/cap-missing-… | third-party-advisory |
| https://github.com/CapSoftware/Cap/pull/1926 | technical-description |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-59704",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:02:07.868302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:02:14.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/CapSoftware/Cap/issues/1981"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/cap",
"product": "Cap",
"vendor": "Cap",
"versions": [
{
"lessThanOrEqual": "8d48642",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:capnproto:capnproto:*:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "George Chen"
}
],
"datePublic": "2026-07-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cap\u0027s GET /api/video/ai endpoint fails to validate user ownership or membership before returning private video AI metadata including titles, summaries, and chapters. Authenticated attackers can supply arbitrary video IDs to read sensitive AI-generated content and trigger unauthorized AI generation that consumes the video owner\u0027s credits without consent."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T18:44:41.506Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Issue",
"tags": [
"issue-tracking"
],
"url": "https://github.com/CapSoftware/Cap/issues/1981"
},
{
"name": "Product",
"tags": [
"product"
],
"url": "https://github.com/CapSoftware/Cap"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/CapSoftware/Cap/commit/8d48642b6e7938af238386383ef1c273be4110dd"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cap-missing-access-control-in-video-ai-metadata-endpoint"
},
{
"name": "Pull Request",
"tags": [
"technical-description"
],
"url": "https://github.com/CapSoftware/Cap/pull/1926"
}
],
"title": "Cap - Missing Access Control in Video AI Metadata Endpoint",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-59704",
"datePublished": "2026-07-07T22:18:48.724Z",
"dateReserved": "2026-07-06T15:31:46.187Z",
"dateUpdated": "2026-07-09T18:44:41.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-59708 (GCVE-0-2026-59708)
Vulnerability from cvelistv5 – Published: 2026-07-07 18:38 – Updated: 2026-07-09 18:36- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/ghostfolio/ghostfolio/issues/7197 | issue-tracking |
| https://github.com/ghostfolio/ghostfolio | product |
| https://github.com/ghostfolio/ghostfolio/commit/6… | patch |
| https://www.vulncheck.com/advisories/ghostfolio-u… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| ghostfolio | ghostfolio |
Affected:
0 , ≤ 3.6.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-59708",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:43:37.879668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:45:00.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/ghostfolio",
"product": "ghostfolio",
"vendor": "ghostfolio",
"versions": [
{
"lessThanOrEqual": "3.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ghostfol:ghostfolio:*:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "George Chen"
}
],
"datePublic": "2026-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs without validating granteeUserId filtering, allowing unauthenticated access to full portfolio data. Attackers with a private access ID can retrieve sensitive portfolio information including holdings, quantities, buy prices, and performance metrics without authentication."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T18:36:39.332Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Issue",
"tags": [
"issue-tracking"
],
"url": "https://github.com/ghostfolio/ghostfolio/issues/7197"
},
{
"name": "Product",
"tags": [
"product"
],
"url": "https://github.com/ghostfolio/ghostfolio"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/ghostfolio/ghostfolio/commit/697ef59e3b58bebc5c21a9e482e4f5643390f316"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ghostfolio-unauthorized-portfolio-data-exposure-via-public-endpoint"
}
],
"title": "Ghostfolio - Unauthorized Portfolio Data Exposure via Public Endpoint",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-59708",
"datePublished": "2026-07-07T18:38:50.482Z",
"dateReserved": "2026-07-06T15:31:46.188Z",
"dateUpdated": "2026-07-09T18:36:39.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-59709 (GCVE-0-2026-59709)
Vulnerability from cvelistv5 – Published: 2026-07-07 14:12 – Updated: 2026-07-09 18:33- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/ghostfolio/ghostfolio/issues/7196 | issue-tracking |
| https://github.com/ghostfolio/ghostfolio | product |
| https://github.com/ghostfolio/ghostfolio/commit/6… | patch |
| https://www.vulncheck.com/advisories/ghostfolio-u… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Ghostfolio | Ghostfolio |
Affected:
0 , ≤ 3.6.0
(git)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-59709",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T16:49:02.251483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T17:11:10.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/ghostfolio/ghostfolio/issues/7196"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/ghostfolio",
"product": "Ghostfolio",
"vendor": "Ghostfolio",
"versions": [
{
"lessThanOrEqual": "3.6.0",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ghostfol:ghostfolio:*:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "George Chen"
}
],
"datePublic": "2026-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Ghostfolio\u0027s PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint fails to verify Access.permissions field when processing the Impersonation-Id header, allowing read-only access grantees to modify portfolio holding tags. Attackers with valid read-only share tokens can assign or remove tags on victim holdings, corrupting portfolio categorization and reports."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T18:33:44.700Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Issue",
"tags": [
"issue-tracking"
],
"url": "https://github.com/ghostfolio/ghostfolio/issues/7196"
},
{
"name": "Product",
"tags": [
"product"
],
"url": "https://github.com/ghostfolio/ghostfolio"
},
{
"name": "Patch Commit",
"tags": [
"patch"
],
"url": "https://github.com/ghostfolio/ghostfolio/commit/697ef59e3b58bebc5c21a9e482e4f5643390f316"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ghostfolio-unauthorized-portfolio-holding-tag-modification-via-missing-permission-check"
}
],
"title": "Ghostfolio - Unauthorized Portfolio Holding Tag Modification via Missing Permission Check",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-59709",
"datePublished": "2026-07-07T14:12:23.972Z",
"dateReserved": "2026-07-06T15:31:46.188Z",
"dateUpdated": "2026-07-09T18:33:44.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-59805 (GCVE-0-2026-59805)
Vulnerability from cvelistv5 – Published: 2026-07-08 19:43 – Updated: 2026-07-09 14:41 X_Open Source- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/antiwork/gumroad/issues/5725 | technical-description |
| https://github.com/antiwork/gumroad/releases/tag/… | release-notes |
| https://github.com/antiwork/gumroad/pull/5731 | issue-tracking |
| https://github.com/antiwork/gumroad/commit/e7fd0e… | patch |
| https://www.vulncheck.com/advisories/gumroad-inse… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-59805",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-09T13:37:43.271098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T14:41:10.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:npm/gumroad",
"product": "gumroad",
"repo": "https://github.com/antiwork/gumroad",
"vendor": "antiwork",
"versions": [
{
"lessThan": "2026.07.06.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "George Chen"
}
],
"datePublic": "2026-07-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers\u0027 products by sending PUT requests to the revoke_access and undo_revoke_access actions without seller ownership validation. Attackers can modify the is_access_revoked status on arbitrary purchases to unauthorized revoke or restore buyer access to products they do not own."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T19:43:10.711Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Researcher Disclousure",
"tags": [
"technical-description"
],
"url": "https://github.com/antiwork/gumroad/issues/5725"
},
{
"name": "Release Notes",
"tags": [
"release-notes"
],
"url": "https://github.com/antiwork/gumroad/releases/tag/v2026.07.06.2"
},
{
"name": "Fix PR",
"tags": [
"issue-tracking"
],
"url": "https://github.com/antiwork/gumroad/pull/5731"
},
{
"name": "Fix Commit",
"tags": [
"patch"
],
"url": "https://github.com/antiwork/gumroad/commit/e7fd0e610e73135ecf1aa07c197a36fa524832e1"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/gumroad-insecure-direct-object-reference-in-purchasescontroller"
}
],
"tags": [
"x_open-source"
],
"title": "Gumroad \u003c 2026.07.06.2 - Insecure Direct Object Reference in PurchasesController",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-59805",
"datePublished": "2026-07-08T19:43:10.711Z",
"dateReserved": "2026-07-07T14:39:14.062Z",
"dateUpdated": "2026-07-09T14:41:10.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-59853 (GCVE-0-2026-59853)
Vulnerability from cvelistv5 – Published: 2026-07-09 22:20 – Updated: 2026-07-10 13:47- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/siyuan-note/siyuan/security/ad… | x_refsource_CONFIRM |
| https://github.com/siyuan-note/siyuan/commit/0049… | x_refsource_MISC |
| https://github.com/siyuan-note/siyuan/releases/ta… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| siyuan-note | siyuan |
Affected:
< 3.7.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-59853",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-10T13:47:32.142690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T13:47:41.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-px3c-cf92-9g83"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used by sibling storage endpoints, allowing a publish-mode Reader to read private document paths, notebook, document, and block IDs, and search and replace keywords for unpublished documents. This issue is fixed in versions 3.7.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T22:20:52.898Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-px3c-cf92-9g83",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-px3c-cf92-9g83"
},
{
"name": "https://github.com/siyuan-note/siyuan/commit/0049d0f04ffe9837760d29248b9ef31605077d36",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/siyuan-note/siyuan/commit/0049d0f04ffe9837760d29248b9ef31605077d36"
},
{
"name": "https://github.com/siyuan-note/siyuan/releases/tag/v3.7.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/siyuan-note/siyuan/releases/tag/v3.7.1"
}
],
"source": {
"advisory": "GHSA-px3c-cf92-9g83",
"discovery": "UNKNOWN"
},
"title": "SiYuan: Publish-mode Reader can exfiltrate private saved-search Criteria via /api/storage/getCriteria (missing publish-access filter)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-59853",
"datePublished": "2026-07-09T22:20:52.898Z",
"dateReserved": "2026-07-07T15:41:53.606Z",
"dateUpdated": "2026-07-10T13:47:41.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-60124 (GCVE-0-2026-60124)
Vulnerability from cvelistv5 – Published: 2026-07-08 13:30 – Updated: 2026-07-08 14:36- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/MISP/MISP/commit/d0725fc34fda2… | patch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-60124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T14:36:16.201324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T14:36:23.494Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "misp",
"repo": "https://github.com/misp/misp",
"vendor": "misp",
"versions": [
{
"lessThanOrEqual": "2.5.42",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Sami Mokaddem"
},
{
"lang": "en",
"type": "finder",
"value": "Berk Polat"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Claude Opus 4.8 (1M context) aka Claudy"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn authorization bypass in MISP\u2019s \u003ccode\u003eEventsController::importModule()\u003c/code\u003e allowed authenticated users or read-only API keys with event view access to persist data to events they were not allowed to modify. When an import module returned results in the \u003ccode\u003emisp_standard\u003c/code\u003e format, the write path did not verify event modification rights before saving the module output. This could allow a view-only user to inject or alter event data, impacting the integrity of MISP event content. The issue was fixed by enforcing the same modification-rights check used by related module result handling paths before processing \u003ccode\u003emisp_standard\u003c/code\u003e imports.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "An authorization bypass in MISP\u2019s EventsController::importModule() allowed authenticated users or read-only API keys with event view access to persist data to events they were not allowed to modify. When an import module returned results in the misp_standard format, the write path did not verify event modification rights before saving the module output. This could allow a view-only user to inject or alter event data, impacting the integrity of MISP event content. The issue was fixed by enforcing the same modification-rights check used by related module result handling paths before processing misp_standard imports."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:30:14.637Z",
"orgId": "5a6e4751-2f3f-4070-9419-94fb35b644e8",
"shortName": "CIRCL"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/MISP/MISP/commit/d0725fc34fda256cc57e5a8f0543cd541033e008"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MISP importModule missing authorization allows read-only users to modify events via misp_standard imports",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5a6e4751-2f3f-4070-9419-94fb35b644e8",
"assignerShortName": "CIRCL",
"cveId": "CVE-2026-60124",
"datePublished": "2026-07-08T13:30:14.637Z",
"dateReserved": "2026-07-08T13:30:08.370Z",
"dateUpdated": "2026-07-08T14:36:23.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6109 (GCVE-0-2026-6109)
Vulnerability from cvelistv5 – Published: 2026-04-12 01:30 – Updated: 2026-04-14 16:33| URL | Tags |
|---|---|
| https://vuldb.com/vuln/356969 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/356969/cti | signaturepermissions-required |
| https://vuldb.com/submit/791759 | third-party-advisory |
| https://github.com/FoundationAgents/MetaGPT/issues/1932 | exploitissue-tracking |
| https://github.com/FoundationAgents/MetaGPT/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| FoundationAgents | MetaGPT |
Affected:
0.8.0
Affected: 0.8.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6109",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T15:17:18.777544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:33:38.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Mineflayer HTTP API"
],
"product": "MetaGPT",
"vendor": "FoundationAgents",
"versions": [
{
"status": "affected",
"version": "0.8.0"
},
{
"status": "affected",
"version": "0.8.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-d (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-12T01:30:15.439Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-356969 | FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/356969"
},
{
"name": "VDB-356969 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/356969/cti"
},
{
"name": "Submit #791759 | FoundationAgents MetaGPT 0.8.1 Cross Site Request Forgery (CWE-352)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/791759"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/FoundationAgents/MetaGPT/issues/1932"
},
{
"tags": [
"product"
],
"url": "https://github.com/FoundationAgents/MetaGPT/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-11T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-11T09:54:47.000Z",
"value": "VulDB entry last update"
}
],
"title": "FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-6109",
"datePublished": "2026-04-12T01:30:15.439Z",
"dateReserved": "2026-04-11T07:49:27.735Z",
"dateUpdated": "2026-04-14T16:33:38.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.