<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 28 Jun 2026 06:37:41 +0000</lastBuildDate>
    <item>
      <title>6ac4e749-1496-40d7-90bf-936cb8f26b27</title>
      <link>https://vulnerability.circl.lu/sighting/6ac4e749-1496-40d7-90bf-936cb8f26b27/export</link>
      <description>{"uuid": "6ac4e749-1496-40d7-90bf-936cb8f26b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-3710", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3710", "content": "", "creation_timestamp": "2026-03-08T05:16:11.000000Z"}</description>
      <content:encoded>{"uuid": "6ac4e749-1496-40d7-90bf-936cb8f26b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-3710", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3710", "content": "", "creation_timestamp": "2026-03-08T05:16:11.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6ac4e749-1496-40d7-90bf-936cb8f26b27/export</guid>
      <pubDate>Sun, 08 Mar 2026 05:16:11 +0000</pubDate>
    </item>
    <item>
      <title>854f1d84-5d21-4270-ab2d-83cf5169d7e9</title>
      <link>https://vulnerability.circl.lu/sighting/854f1d84-5d21-4270-ab2d-83cf5169d7e9/export</link>
      <description>{"uuid": "854f1d84-5d21-4270-ab2d-83cf5169d7e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-37100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjmzhvrol52p", "content": "", "creation_timestamp": "2026-04-16T18:20:02.733671Z"}</description>
      <content:encoded>{"uuid": "854f1d84-5d21-4270-ab2d-83cf5169d7e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-37100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjmzhvrol52p", "content": "", "creation_timestamp": "2026-04-16T18:20:02.733671Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/854f1d84-5d21-4270-ab2d-83cf5169d7e9/export</guid>
      <pubDate>Thu, 16 Apr 2026 18:20:02 +0000</pubDate>
    </item>
    <item>
      <title>d2c80086-5db1-468f-9fd6-983e4f4b6200</title>
      <link>https://vulnerability.circl.lu/sighting/d2c80086-5db1-468f-9fd6-983e4f4b6200/export</link>
      <description>{"uuid": "d2c80086-5db1-468f-9fd6-983e4f4b6200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-37106", "type": "seen", "source": "https://gist.github.com/KyrieKlay/3260f4eeea025f2cd1daa7eb1360c5a1", "content": "[CVE-ID]\nCVE-2026-37106\n\n[PRODUCT]\nDokuWiki 2025-05-14b\n\n[TYPE]\nIncorrect Access Control (Unauthorized User Registration)\n\n[DESCRIPTION]\nAn unauthorized user registration vulnerability exists in DokuWiki. Attackers can create user accounts without any authentication by sending crafted HTTP requests to the registration endpoint. This vulnerability bypasses both CSRF protections and access control mechanisms.\n\n[DETAILS]\nThe vulnerability resides in the `register()` function located in `inc/auth.php`. The root cause is that this function lacks the following critical security checks when processing registration requests:\n1.  **Missing CSRF token validation**: Fails to prevent cross-site request forgery attacks.\n2.  **Missing authentication check**: Allows any unauthenticated user to call this function and create accounts.\n\nThe exploitation method and subsequent impact depend on the `autopasswd` configuration:\n*   When `autopasswd=1` (default), the system ignores user-submitted passwords, auto-generates a random password, and sends it to the registered email. Attackers need access to that email (or exploit misconfigured mail settings) to complete login, but account creation itself is not hindered.\n*   When `autopasswd=0`, the system uses the password submitted by the attacker in the request. Attackers can immediately log in with the submitted password, achieving instant and complete account takeover.\n\n**Reproduction Steps (verified in a local test environment):**\n1.  Send the following POST request to the registration endpoint (no Cookie or Token required):\n    ```http\n    POST /doku.php HTTP/1.1\n    Host: [YOUR_LOCAL_TEST_HOST]\n    Content-Type: application/x-www-form-urlencoded\n\n    do=register&amp;save=1&amp;login=attacker&amp;pass=Password123&amp;passchk=Password123&amp;fullname=Attacker&amp;email=attacker@test.com\n    ```\n[Mitigation &amp; Fix Recommendations]\n1.  Code Fix: Add if (!checkSecurityToken()) return false; to the register() function before processing registration logic to enforce CSRF protection. Optionally, add authentication checks as needed (e.g., if (!isset($_SERVER['REMOTE_USER'])) return false;).\n\n2.  Configuration Hardening:\nEnable Access Control Lists ($conf['useacl'] = 1).\nProperly configure email services to ensure password reset and recovery functions work.\nConsider implementing CAPTCHA for the registration form to prevent automated attacks.\nLog all registration attempts for security auditing.\n\n[MORE]\nhttps://www.cnblogs.com/blimey/articles/20794218", "creation_timestamp": "2026-06-25T03:16:32.138638Z"}</description>
      <content:encoded>{"uuid": "d2c80086-5db1-468f-9fd6-983e4f4b6200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-37106", "type": "seen", "source": "https://gist.github.com/KyrieKlay/3260f4eeea025f2cd1daa7eb1360c5a1", "content": "[CVE-ID]\nCVE-2026-37106\n\n[PRODUCT]\nDokuWiki 2025-05-14b\n\n[TYPE]\nIncorrect Access Control (Unauthorized User Registration)\n\n[DESCRIPTION]\nAn unauthorized user registration vulnerability exists in DokuWiki. Attackers can create user accounts without any authentication by sending crafted HTTP requests to the registration endpoint. This vulnerability bypasses both CSRF protections and access control mechanisms.\n\n[DETAILS]\nThe vulnerability resides in the `register()` function located in `inc/auth.php`. The root cause is that this function lacks the following critical security checks when processing registration requests:\n1.  **Missing CSRF token validation**: Fails to prevent cross-site request forgery attacks.\n2.  **Missing authentication check**: Allows any unauthenticated user to call this function and create accounts.\n\nThe exploitation method and subsequent impact depend on the `autopasswd` configuration:\n*   When `autopasswd=1` (default), the system ignores user-submitted passwords, auto-generates a random password, and sends it to the registered email. Attackers need access to that email (or exploit misconfigured mail settings) to complete login, but account creation itself is not hindered.\n*   When `autopasswd=0`, the system uses the password submitted by the attacker in the request. Attackers can immediately log in with the submitted password, achieving instant and complete account takeover.\n\n**Reproduction Steps (verified in a local test environment):**\n1.  Send the following POST request to the registration endpoint (no Cookie or Token required):\n    ```http\n    POST /doku.php HTTP/1.1\n    Host: [YOUR_LOCAL_TEST_HOST]\n    Content-Type: application/x-www-form-urlencoded\n\n    do=register&amp;save=1&amp;login=attacker&amp;pass=Password123&amp;passchk=Password123&amp;fullname=Attacker&amp;email=attacker@test.com\n    ```\n[Mitigation &amp; Fix Recommendations]\n1.  Code Fix: Add if (!checkSecurityToken()) return false; to the register() function before processing registration logic to enforce CSRF protection. Optionally, add authentication checks as needed (e.g., if (!isset($_SERVER['REMOTE_USER'])) return false;).\n\n2.  Configuration Hardening:\nEnable Access Control Lists ($conf['useacl'] = 1).\nProperly configure email services to ensure password reset and recovery functions work.\nConsider implementing CAPTCHA for the registration form to prevent automated attacks.\nLog all registration attempts for security auditing.\n\n[MORE]\nhttps://www.cnblogs.com/blimey/articles/20794218", "creation_timestamp": "2026-06-25T03:16:32.138638Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d2c80086-5db1-468f-9fd6-983e4f4b6200/export</guid>
      <pubDate>Thu, 25 Jun 2026 03:16:32 +0000</pubDate>
    </item>
  </channel>
</rss>
