Authenticated attackers with low-level privileges can exfiltrate sensitive database information from InvenTree open source inventory management systems prior to version 1.2.6 by abusing unvalidated filter parameters in bulk operation API endpoints. The vulnerability enables blind boolean-based data extraction through Django ORM relationship traversal, achieving high confidentiality impact with changed scope per CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (score 7.7). No public exploit identified at time of analysis, and vendor-released patches are available in versions 1.2.6 and 1.3.0.
The e-shot form builder plugin for WordPress contains a sensitive information exposure vulnerability in the eshot_form_builder_get_account_data() AJAX handler that is accessible to any authenticated user without capability checks or nonce verification. An attacker with Subscriber-level access or higher can extract the e-shot API token and subaccount information by calling this AJAX endpoint, potentially compromising the victim's e-shot platform account. The vulnerability affects all versions up to and including 1.0.2, and while this CVE does not appear in the KEV catalog or have public proof-of-concept code readily available, the CVSS score of 5.3 reflects moderate risk due to the low attack complexity and lack of user interaction required.
Vendure versions up to 3.5.3 contain a vulnerability that allows attackers to enumerate valid usernames (email addresses) (CVSS 5.3).
Craft CMS (5.0.0-RC1 through 5.8.20, 3.x through 4.16.16) allows unauthenticated users to trigger database backup operations, leading to resource exhaustion or information disclosure if backups are stored in accessible locations. PoC available, patches available.
Langfuse is an open source large language model engineering platform. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
An information disclosure vulnerability classified as Exposure of Sensitive Information (CVSS 7.5). High severity vulnerability requiring prompt remediation.
Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Audiobookshelf is a self-hosted audiobook and podcast server. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing. Affected versions: 7.X-2.0 before 7.X-2.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.