Skip to main content
CVE-2026-4286 LOW PATCH Monitor

Authorization bypass in Mattermost 10.11.x through 10.11.13 and 11.5.x through 11.5.1 allows authenticated users with 'Manage Playbook Configurations' permission to reassign playbooks to arbitrary teams via PUT API, circumventing team membership restrictions. This access control flaw enables lateral privilege escalation across team boundaries without proper authorization checks. EPSS exploitation probability data not available; no confirmed active exploitation (CISA KEV) or public exploit code identified at time of analysis.

Mattermost Authentication Bypass
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-47090 LOW PATCH Monitor

Terminal injection in Claude HUD through version 0.0.12 allows an attacker who controls a Git branch name or working directory path to embed arbitrary ANSI escape sequences into terminal sessions via unsanitized OSC 8 hyperlink construction. When a user runs Claude HUD in an affected terminal emulator and clicks a rendered project or branch hyperlink, injected sequences—including OSC 52 clipboard writes and forged prompts—are processed by the terminal. The vulnerability has no public exploit identified at time of analysis and is not listed in CISA KEV, but the clipboard-poisoning vector carries meaningful risk for developers routinely cloning untrusted repositories.

RCE Claude Hud
NVD GitHub
CVSS 4.0
2.4
EPSS
0.0%
CVE-2026-45244 LOW PATCH Monitor

Missing authorization in the Summarize browser extension (versions prior to 0.15.1/0.15.2, CPE: cpe:2.3:a:steipete:summarize) allows remote unauthenticated attackers to execute browser automation actions - including navigation and debugger-backed operations - without triggering per-call user approval. Exploitation requires the extension automation feature to be enabled and the user to interact with attacker-controlled content (UI:R per CVSS), making this a prompt-injection-driven authorization bypass rather than a standalone remote attack. No public exploit has been identified at time of analysis, and the vendor released a patch in v0.15.2 as reported by VulnCheck.

Authentication Bypass Summarize
NVD GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8773 LOW Monitor

Argument injection in litemall Database Setting Handler allows authenticated administrators with high privileges to inject malicious arguments into database backup/load operations, potentially exposing sensitive database credentials or altering backup behavior. Publicly disclosed exploit code exists (CVSS:4.0 E:P), but vendor has not responded to disclosure. EPSS data not available; low CVSS base score (2.0) reflects high privilege requirement (PR:H) limiting widespread exploitation despite network attack vector.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-8772 LOW Monitor

SQL injection in linlinjava litemall 1.8.0 and earlier allows high-privileged remote attackers to read and modify database contents via crafted requests to multiple Admin Endpoint functions. Public exploit code available (EPSS probability unknown from provided data). Attack requires administrative credentials (PR:H) but achieves confidentiality, integrity, and availability impact on vulnerable component (VC:L/VI:L/VA:L). Despite CVSS 4.0 score of 2.0 (Low severity due to high privilege requirement), the existence of public POC and lack of vendor response elevates practical risk for installations where admin accounts may be compromised.

SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-33637 LOW PATCH GHSA Monitor

Off-host request forgery in the Faraday Ruby HTTP client library (versions 2.0.0-2.14.1) allows a remote unauthenticated attacker who can influence the per-request target to redirect HTTP requests - along with connection-scoped `Authorization` headers - to an arbitrary attacker-controlled host. This is a bypass of the February 2026 patch for CVE-2026-25765 (GHSA-33mh-2634-fwr2): the prior fix sanitized `String` inputs to `Faraday::Connection#build_exclusive_url` but failed to handle `URI` objects, which Ruby's URI parser resolves differently. Publicly available exploit code (proof-of-concept) exists and was independently confirmed against an external HTTP collector, demonstrating real-world credential exfiltration.

SSRF Apple
NVD GitHub
EPSS
0.0%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy