Cors Misconfiguration
Monthly
Cross-origin data exposure in Google's MCP Toolbox for Databases stems from the SSE initialization handler unconditionally emitting an `Access-Control-Allow-Origin: *` header, which overrides the `allowed-origins`/`allowed-hosts` controls added during beta and opens the endpoint to DNS rebinding. Any deployment using the SSE transport under MCP specification v2024-11-05 is affected, letting a remote attacker who lures a victim to a malicious web page read the victim's Toolbox/database tool responses cross-origin. Rated CVSS 4.0 9.4 with an upstream fix merged in PR #3054; no public exploit has been identified and the issue is not on CISA KEV.
Cross-origin read access to Algernon's SSE auto-refresh event server (versions ≤ 1.17.6) allows any web page visited by a developer to silently subscribe to the live file-change stream via a browser-native EventSource. The root cause is a hardcoded wildcard `Access-Control-Allow-Origin: *` response header in the dedicated SSE port activated by the `-a` flag, with no origin inspection or allow-list logic present in the vendored recwatch handler. No public exploit identified at time of analysis per KEV absence, though a complete working proof-of-concept - including exploit HTML and curl verification transcript - is published in GHSA-hw27-4v2q-5qff.
Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151.
Cross-origin data leakage in Google Chrome on Linux and ChromeOS allows remote attackers to read sensitive data from other origins via malicious HTML pages exploiting flawed CORS implementation. Affects versions prior to 148.0.7778.168. Google released a patch in their May 2026 stable channel update. EPSS score of 0.03% (10th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV). SSVC assessment indicates no current exploitation, non-automatable attack requiring user interaction, with partial technical impact limited to confidentiality breach.
Google Chrome versions prior to 148.0.7778.168 leak cross-origin data through insufficient policy enforcement in the ViewTransitions API when users interact with specially crafted HTML pages. The vulnerability enables remote attackers to bypass same-origin policy protections and extract sensitive information from other origins without authentication, though exploitation requires user interaction (clicking a link or visiting a malicious page). With EPSS at 0.03% (10th percentile) and no confirmed active exploitation, this represents a moderate information disclosure risk primarily affecting organizations where targeted phishing could deliver malicious pages to Chrome users.
WWBN AVideo is an open source video platform. In versions 29.0 and below, the `allowOrigin($allowAll=true)` function in `objects/functions.php` reflects any arbitrary `Origin` header back in `Access-Control-Allow-Origin` along with `Access-Control-Allow-Credentials: true`. This function is called by both `plugin/API/get.json.php` and `plugin/API/set.json.php` - the primary API endpoints that handle user data retrieval, authentication, livestream credentials, and state-changing operations. Combined with the application's `SameSite=None` session cookie policy, any website can make credentialed cross-origin requests and read authenticated API responses, enabling theft of user PII, livestream keys, and performing state changes on behalf of the victim. Commit caf705f38eae0ccfac4c3af1587781355d24495e contains a fix.
Permissive CORS policy in ericc-ch copilot-api up to version 0.7.0 allows remote attackers to access the Token Endpoint without authentication, enabling cross-domain requests from untrusted origins. The vulnerability exists in the cors function of src/server.ts and permits information disclosure with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, elevating real-world risk despite the moderate CVSS 6.9 score.
Permissive cross-domain policy in farion1231 cc-switch up to version 3.12.3 allows authenticated remote attackers to access sensitive information and modify data across untrusted domains via misconfigured CORS headers in the ProxyServer component. Publicly available exploit code exists, and vendor patches are available; this represents a moderate but actively exploitable configuration flaw affecting networked deployments.
CORS misconfiguration in CoolerControl coolercontrold versions 2.0.0 through 3.x allows unauthenticated remote attackers to read sensitive data and send control commands to the service by exploiting browser-based cross-origin requests from malicious websites. The vulnerability requires user interaction (UI:R) but grants attackers capability to leak information and manipulate daemon operations with a CVSS score of 6.3 (medium).
Cross-Origin Resource Sharing (CORS) misconfiguration in vanna-ai vanna up to version 2.0.2 allows authenticated remote attackers to establish permissive cross-domain policies with untrusted domains, leading to information disclosure. The vulnerability affects the FastAPI/Flask Server component and has publicly available exploit code; however, the vendor has not responded to early disclosure attempts. With a CVSS score of 5.3 and confirmed public exploit availability, this represents a moderate-risk authentication-gated information exposure issue.
Remote code execution in SiYuan desktop application (versions prior to 3.6.2) allows unauthenticated remote attackers to execute arbitrary code with full operating system privileges through CORS misconfiguration. A malicious website can inject JavaScript into the Electron-based application's Node.js context via the permissive API (Access-Control-Allow-Origin: * with Access-Control-Allow-Private-Network: true), which executes with OS-level access when the user next opens SiYuan's interface. No public exploit identified at time of analysis, though CVSS 9.6 (Critical) reflects network-accessible attack vector with low complexity requiring only user interaction (visiting malicious site while SiYuan runs). EPSS data not provided, but the combination of Electron framework exploitation, RCE impact, and trivial attack complexity suggests elevated real-world risk for desktop users.
Cross-Origin Resource Sharing (CORS) misconfiguration in PowerDNS dnsdist's internal webserver allows remote attackers to extract sensitive configuration information from the dashboard through a social engineering attack targeting authenticated administrators. An attacker can trick an admin into visiting a malicious website, which then leverages the misconfigured CORS policy to read dashboard API responses containing running configuration details. The vulnerability requires the internal webserver to be enabled (disabled by default) and user interaction, resulting in limited confidentiality impact with no integrity or availability risk.
Hardcoded wildcard CORS headers (Access-Control-Allow-Origin: *) in the Model Context Protocol Java SDK transport layer enable cross-origin session hijacking, allowing attackers to extract session IDs from victim browsers and relay authenticated requests back to internal MCP servers. The vulnerability affects the HttpServletSseServerTransportProvider and HttpServletStreamableServerTransportProvider classes in mcp-core; no public exploit code has been identified, though the attack requires user interaction (victim visiting attacker-controlled page). CVSS 6.1 reflects the combination of network-accessible vector, low attack complexity, and cross-origin impact, though practical exploitation depends on MCP server deployment architecture.
Cross-origin data exfiltration in Glances XML-RPC server (glances -s) allows any website to steal complete system monitoring data including hostname, OS details, process lists with command-line arguments, and network configuration through CORS misconfiguration. The server sends Access-Control-Allow-Origin: * on all responses and processes XML-RPC POST requests with Content-Type: text/plain without validation, bypassing browser CORS preflight checks. Default deployments run unauthenticated, making all network-accessible instances immediately exploitable. No public exploit identified at time of analysis, though detailed proof-of-concept code is included in the advisory.
A CORS misconfiguration vulnerability in mcp-memory-service allows any malicious website to perform cross-origin requests to the HTTP API. Versions prior to 10.25.1 of mcp-memory-service from doobidoo are affected, particularly when the HTTP server is enabled with anonymous access, allowing attackers to read, modify, and delete all stored memories without authentication. No KEV listing or public exploitation indicators are currently reported, though the vulnerability's simplicity and the availability of a GitHub security advisory suggest proof-of-concept development would be straightforward.
Misconfigured CORS headers in this web application permit cross-origin requests from any domain, enabling attackers to craft malicious webpages that perform unauthorized actions or exfiltrate sensitive data from victims' browsers when they visit attacker-controlled sites. Although the application is typically deployed on trusted local networks, the vulnerability can be exploited remotely by leveraging victim browsers as intermediaries without requiring direct network access. An attacker can silently harvest credentials, session tokens, or other sensitive information through transparent cross-site requests made on page load.
AVideo (WWBN_AVideo) contains a critical CORS misconfiguration vulnerability that exposes PHP session IDs to any unauthenticated external website, enabling complete account takeover of any logged-in user including administrators. The vulnerability has a working proof-of-concept exploit and requires only that a victim visit an attacker-controlled webpage while logged into AVideo, making it highly exploitable with an 8.1 CVSS score.
A critical CORS misconfiguration in the Glances system monitoring tool's REST API allows any website to steal sensitive system information from users who visit a malicious page while having access to a Glances instance. The vulnerability affects all versions prior to 4.5.2 and enables cross-origin theft of system stats, configuration secrets, database passwords, API keys, and command-line arguments. A proof-of-concept is publicly available, though no active exploitation has been reported yet.
A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection vulnerability and user access to the affected web interface.
Same-origin policy bypass in the DOM: Workers component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Same-origin policy bypass in the DOM: Notifications component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved handling of caches. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Same-origin policy bypass in the Layout component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Bruno is an open source IDE for exploring and testing APIs. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-origin data exposure in Google's MCP Toolbox for Databases stems from the SSE initialization handler unconditionally emitting an `Access-Control-Allow-Origin: *` header, which overrides the `allowed-origins`/`allowed-hosts` controls added during beta and opens the endpoint to DNS rebinding. Any deployment using the SSE transport under MCP specification v2024-11-05 is affected, letting a remote attacker who lures a victim to a malicious web page read the victim's Toolbox/database tool responses cross-origin. Rated CVSS 4.0 9.4 with an upstream fix merged in PR #3054; no public exploit has been identified and the issue is not on CISA KEV.
Cross-origin read access to Algernon's SSE auto-refresh event server (versions ≤ 1.17.6) allows any web page visited by a developer to silently subscribe to the live file-change stream via a browser-native EventSource. The root cause is a hardcoded wildcard `Access-Control-Allow-Origin: *` response header in the dedicated SSE port activated by the `-a` flag, with no origin inspection or allow-list logic present in the vendored recwatch handler. No public exploit identified at time of analysis per KEV absence, though a complete working proof-of-concept - including exploit HTML and curl verification transcript - is published in GHSA-hw27-4v2q-5qff.
Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151.
Cross-origin data leakage in Google Chrome on Linux and ChromeOS allows remote attackers to read sensitive data from other origins via malicious HTML pages exploiting flawed CORS implementation. Affects versions prior to 148.0.7778.168. Google released a patch in their May 2026 stable channel update. EPSS score of 0.03% (10th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV). SSVC assessment indicates no current exploitation, non-automatable attack requiring user interaction, with partial technical impact limited to confidentiality breach.
Google Chrome versions prior to 148.0.7778.168 leak cross-origin data through insufficient policy enforcement in the ViewTransitions API when users interact with specially crafted HTML pages. The vulnerability enables remote attackers to bypass same-origin policy protections and extract sensitive information from other origins without authentication, though exploitation requires user interaction (clicking a link or visiting a malicious page). With EPSS at 0.03% (10th percentile) and no confirmed active exploitation, this represents a moderate information disclosure risk primarily affecting organizations where targeted phishing could deliver malicious pages to Chrome users.
WWBN AVideo is an open source video platform. In versions 29.0 and below, the `allowOrigin($allowAll=true)` function in `objects/functions.php` reflects any arbitrary `Origin` header back in `Access-Control-Allow-Origin` along with `Access-Control-Allow-Credentials: true`. This function is called by both `plugin/API/get.json.php` and `plugin/API/set.json.php` - the primary API endpoints that handle user data retrieval, authentication, livestream credentials, and state-changing operations. Combined with the application's `SameSite=None` session cookie policy, any website can make credentialed cross-origin requests and read authenticated API responses, enabling theft of user PII, livestream keys, and performing state changes on behalf of the victim. Commit caf705f38eae0ccfac4c3af1587781355d24495e contains a fix.
Permissive CORS policy in ericc-ch copilot-api up to version 0.7.0 allows remote attackers to access the Token Endpoint without authentication, enabling cross-domain requests from untrusted origins. The vulnerability exists in the cors function of src/server.ts and permits information disclosure with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, elevating real-world risk despite the moderate CVSS 6.9 score.
Permissive cross-domain policy in farion1231 cc-switch up to version 3.12.3 allows authenticated remote attackers to access sensitive information and modify data across untrusted domains via misconfigured CORS headers in the ProxyServer component. Publicly available exploit code exists, and vendor patches are available; this represents a moderate but actively exploitable configuration flaw affecting networked deployments.
CORS misconfiguration in CoolerControl coolercontrold versions 2.0.0 through 3.x allows unauthenticated remote attackers to read sensitive data and send control commands to the service by exploiting browser-based cross-origin requests from malicious websites. The vulnerability requires user interaction (UI:R) but grants attackers capability to leak information and manipulate daemon operations with a CVSS score of 6.3 (medium).
Cross-Origin Resource Sharing (CORS) misconfiguration in vanna-ai vanna up to version 2.0.2 allows authenticated remote attackers to establish permissive cross-domain policies with untrusted domains, leading to information disclosure. The vulnerability affects the FastAPI/Flask Server component and has publicly available exploit code; however, the vendor has not responded to early disclosure attempts. With a CVSS score of 5.3 and confirmed public exploit availability, this represents a moderate-risk authentication-gated information exposure issue.
Remote code execution in SiYuan desktop application (versions prior to 3.6.2) allows unauthenticated remote attackers to execute arbitrary code with full operating system privileges through CORS misconfiguration. A malicious website can inject JavaScript into the Electron-based application's Node.js context via the permissive API (Access-Control-Allow-Origin: * with Access-Control-Allow-Private-Network: true), which executes with OS-level access when the user next opens SiYuan's interface. No public exploit identified at time of analysis, though CVSS 9.6 (Critical) reflects network-accessible attack vector with low complexity requiring only user interaction (visiting malicious site while SiYuan runs). EPSS data not provided, but the combination of Electron framework exploitation, RCE impact, and trivial attack complexity suggests elevated real-world risk for desktop users.
Cross-Origin Resource Sharing (CORS) misconfiguration in PowerDNS dnsdist's internal webserver allows remote attackers to extract sensitive configuration information from the dashboard through a social engineering attack targeting authenticated administrators. An attacker can trick an admin into visiting a malicious website, which then leverages the misconfigured CORS policy to read dashboard API responses containing running configuration details. The vulnerability requires the internal webserver to be enabled (disabled by default) and user interaction, resulting in limited confidentiality impact with no integrity or availability risk.
Hardcoded wildcard CORS headers (Access-Control-Allow-Origin: *) in the Model Context Protocol Java SDK transport layer enable cross-origin session hijacking, allowing attackers to extract session IDs from victim browsers and relay authenticated requests back to internal MCP servers. The vulnerability affects the HttpServletSseServerTransportProvider and HttpServletStreamableServerTransportProvider classes in mcp-core; no public exploit code has been identified, though the attack requires user interaction (victim visiting attacker-controlled page). CVSS 6.1 reflects the combination of network-accessible vector, low attack complexity, and cross-origin impact, though practical exploitation depends on MCP server deployment architecture.
Cross-origin data exfiltration in Glances XML-RPC server (glances -s) allows any website to steal complete system monitoring data including hostname, OS details, process lists with command-line arguments, and network configuration through CORS misconfiguration. The server sends Access-Control-Allow-Origin: * on all responses and processes XML-RPC POST requests with Content-Type: text/plain without validation, bypassing browser CORS preflight checks. Default deployments run unauthenticated, making all network-accessible instances immediately exploitable. No public exploit identified at time of analysis, though detailed proof-of-concept code is included in the advisory.
A CORS misconfiguration vulnerability in mcp-memory-service allows any malicious website to perform cross-origin requests to the HTTP API. Versions prior to 10.25.1 of mcp-memory-service from doobidoo are affected, particularly when the HTTP server is enabled with anonymous access, allowing attackers to read, modify, and delete all stored memories without authentication. No KEV listing or public exploitation indicators are currently reported, though the vulnerability's simplicity and the availability of a GitHub security advisory suggest proof-of-concept development would be straightforward.
Misconfigured CORS headers in this web application permit cross-origin requests from any domain, enabling attackers to craft malicious webpages that perform unauthorized actions or exfiltrate sensitive data from victims' browsers when they visit attacker-controlled sites. Although the application is typically deployed on trusted local networks, the vulnerability can be exploited remotely by leveraging victim browsers as intermediaries without requiring direct network access. An attacker can silently harvest credentials, session tokens, or other sensitive information through transparent cross-site requests made on page load.
AVideo (WWBN_AVideo) contains a critical CORS misconfiguration vulnerability that exposes PHP session IDs to any unauthenticated external website, enabling complete account takeover of any logged-in user including administrators. The vulnerability has a working proof-of-concept exploit and requires only that a victim visit an attacker-controlled webpage while logged into AVideo, making it highly exploitable with an 8.1 CVSS score.
A critical CORS misconfiguration in the Glances system monitoring tool's REST API allows any website to steal sensitive system information from users who visit a malicious page while having access to a Glances instance. The vulnerability affects all versions prior to 4.5.2 and enables cross-origin theft of system stats, configuration secrets, database passwords, API keys, and command-line arguments. A proof-of-concept is publicly available, though no active exploitation has been reported yet.
A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection vulnerability and user access to the affected web interface.
Same-origin policy bypass in the DOM: Workers component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Same-origin policy bypass in the DOM: Notifications component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved handling of caches. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Same-origin policy bypass in the Layout component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Bruno is an open source IDE for exploring and testing APIs. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.