Skip to main content

Server

76 CVEs product

Monthly

CVE-2026-15058 LOW PATCH Monitor

Improper authorization in Devolutions Server's secure messages deletion endpoint exposes an Insecure Direct Object Reference (IDOR) flaw allowing any authenticated user to permanently delete secure messages belonging to other users simply by supplying a target message identifier. Affected versions are 2026.2.11 and 2026.1.22; patched releases 2026.1.23 and 2026.2.12 are available per the vendor advisory. No public exploit identified at time of analysis, and the low CVSS score of 3.1 reflects constrained impact (integrity only, no data disclosure) paired with high attack complexity.

Authentication Bypass Server
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2026-15642 LOW PATCH Monitor

Devolutions Server 2026.1.22.0 and 2026.2.11.0 exposes Azure Key Vault client secrets in cleartext within Recovery Kit response files, defeating an explicit 'exclude sensitive data' option that administrators rely on. Any party who obtains a copy of the generated response file can trivially read the credential without any decryption or tooling. No public exploit code exists and the vulnerability is not in CISA KEV; however, because successful exploitation yields a reusable cloud credential, the downstream blast radius in Azure environments substantially exceeds what the 3.3 CVSS base score suggests. A vendor-released patch is available.

Hashicorp Microsoft Information Disclosure Server
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2026-15641 HIGH PATCH This Week

Authorization bypass in Devolutions Server 2026.2.11 and 2026.1.22 lets an authenticated low-privileged user approve their own pending access request by calling the access request status endpoint directly, bypassing the mandatory approver review. Because access requests gate elevated access to protected resources, this effectively grants unauthorized privileged access (CVSS 7.1). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the issue was disclosed and patched by the vendor.

Authentication Bypass Server
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2026-15637 HIGH PATCH This Week

Sensitive information disclosure in Devolutions Server 2026.1.x and 2026.2.x lets an authenticated low-privileged user read the private keys of SSH key and certificate PAM credentials belonging to other users. By supplying a credential identifier they should not have access to (an insecure direct object reference), the attacker retrieves secrets the PAM module is supposed to protect. No public exploit identified at time of analysis, and it is not on CISA KEV, but a vendor patch is available. Note: the supplied CVSS vector lists PR:N (unauthenticated) while the description explicitly requires an authenticated low-privileged user — treat this as an authenticated IDOR.

Authentication Bypass Server
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-60104 CRITICAL POC PATCH Act Now

Account takeover in self-hosted Bitwarden Server before 2026.6.0 lets a low-privileged organization member steal any other member's vault key and a victim-scoped access token. The POST /auth-requests/admin-request handler never verifies that the email in the request body belongs to the authenticated caller (CWE-639), so an attacker can create a Trusted Device Encryption admin-approval request for a victim, bound to an attacker-controlled public key; once approved, the encrypted key material is retrievable from an unauthenticated endpoint. Publicly available exploit code exists (a VulnCheck advisory plus a public write-up), and the CVSS 4.0 base score of 9.3 reflects high confidentiality and integrity impact plus a cross-user scope change.

Authentication Bypass Hashicorp Server
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.2%
CVE-2026-15053 HIGH PATCH This Week

Denial of service in Tanium Server allows remote unauthenticated attackers to exhaust availability of the platform, per vendor advisory TAN-2026-016. The flaw is network-reachable with low complexity and no privileges or user interaction (CVSS 7.5, availability-only impact), and the CWE-789 classification indicates an uncontrolled/excessive memory allocation can be triggered remotely. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Server
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-14536 HIGH PATCH This Week

Multi-factor authentication bypass in Devolutions Server (DVLS) versions 2026.2.4 through 2026.2.8 lets an attacker who already holds valid user credentials authenticate without completing MFA, defeating an enforced 'MFA Required' policy. The flaw triggers when DVLS encounters an invalid default MFA value, causing the mandatory second factor to be skipped. It is vendor-reported with a patch available; no public exploit identified at time of analysis and EPSS exploitation probability is low (0.18%, 8th percentile).

Authentication Bypass Server
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-57522 LOW POC PATCH Monitor

JSON injection in Bitwarden Server's IntegrationTemplateProcessor.ReplaceTokens() allows authenticated organization members to corrupt event-integration payloads delivered to webhook, SIEM, Slack, Teams, or Datadog endpoints. Any organization running Bitwarden Server prior to 2026.5.0 that has configured event integrations referencing user-controlled tokens such as #ActingUserName# or #UserName# is exposed. A public proof-of-concept exists per VulnCheck and independent researcher disclosure; exploitation is constrained by authentication and specific integration-configuration prerequisites, reflected in the low CVSS 4.0 score of 2.3.

Code Injection Server
NVD GitHub
CVSS 4.0
2.3
EPSS
0.2%
CVE-2026-57521 MEDIUM POC PATCH This Month

Broken access control in Bitwarden Server before 2026.5.0 exposes organization billing data to any authenticated user via an IDOR vulnerability in the PreviewInvoiceController endpoints. The missing ManageOrganizationBillingRequirement authorization check permits a valid session holder to supply an arbitrary organizationId and retrieve Stripe-derived billing details - including tax totals, subscription status, and customer data - for organizations they do not belong to. A public proof-of-concept exploit exists; no active exploitation has been confirmed by CISA KEV at the time of analysis.

Authentication Bypass Server
NVD GitHub
CVSS 4.0
5.3
EPSS
0.2%
CVE-2026-57520 HIGH POC PATCH This Week

Privilege escalation in self-hosted Bitwarden Server before 2026.5.0 lets an authenticated organization member holding a Custom role with the ManageUsers permission delete Admin accounts from the organization, undermining administrative control. The flaw stems from the bulk user-remove (DELETE) endpoint omitting the role-hierarchy guard that the single-user removal path enforces, so a lower-privileged user can strip Admins by submitting their organization-user IDs in a batch request. Publicly available exploit code exists (VulnCheck/researcher write-up), it is not listed in CISA KEV, and no EPSS score was provided in the input.

Authentication Bypass Privilege Escalation Server
NVD GitHub
CVSS 4.0
7.1
EPSS
0.3%
CVE-2026-12755 LOW PATCH Monitor

Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2 challenge-response, via a crafted DomainName parameter.

Information Disclosure Server
NVD
CVSS 3.1
2.7
EPSS
0.2%
CVE-2026-49261 CRITICAL PATCH NEWS Act Now

OS command injection in MariaDB Server (CWE-78) lets an attacker achieve remote code execution on Galera cluster nodes by embedding shell metacharacters in a joiner node's name, which the server passes unsanitized to the script defined in wsrep_notify_cmd. Affected branches are 10.6.1–10.6.26, 10.11.1–10.11.17, 11.4.1–11.4.11, 11.8.1–11.8.7, and 12.3.1, but only when wsrep_notify_cmd is configured. It carries a vendor CVSS of 9.8; however EPSS is very low (0.05%, 15th percentile) and SSVC marks exploitation as 'none', so there is no public exploit identified at time of analysis and it is not on CISA KEV.

Command Injection Server
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-10544 MEDIUM This Month

Command injection (CWE-78) in Devolutions Server's built-in PAM provider password rotation templates allows an attacker with vault write access to execute arbitrary OS commands on systems managed by the affected PAM provider. Affected versions include 2026.2.4.0 and all releases at or below 2026.1.20.0, reported directly by the vendor Devolutions. No public exploit code has been identified and this vulnerability is not listed in CISA KEV at time of analysis, but the high-value nature of a PAM platform managing privileged credentials on downstream systems means the practical blast radius substantially exceeds what the CVSS C:L/I:L scores suggest.

Hashicorp Command Injection Server
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-10787 MEDIUM This Month

Missing authorization on the deleted user groups API in Devolutions Server enables authenticated low-privileged users to enumerate metadata of deleted user groups via crafted API requests, bypassing intended access controls. Affected deployments include versions 2026.2.4.0 and 2026.1.20.0 and earlier, as confirmed by the vendor advisory DEVO-2026-0015. No public exploit exists and CISA SSVC confirms no active exploitation, placing this at low operational priority despite its network-accessible attack vector.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-10786 MEDIUM This Month

Cleartext credential exposure in Devolutions Server allows an authenticated low-privileged user to retrieve plaintext credentials stored for configured ticketing integrations via a crafted API request. Affected versions include Devolutions Server 2026.2.4.0 and all 2026.1.x releases up to and including 2026.1.20.0. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis; the vulnerability was self-disclosed by Devolutions via advisory DEVO-2026-0015.

Information Disclosure Server
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-9522 MEDIUM This Month

Improper access control in Devolutions Server 2026.1.19 and earlier allows an authenticated low-privilege user to delete PAM network discovery scan configurations that should be restricted to administrators. The CVSS vector (AV:N/AC:L/PR:L/UI:N) confirms exploitation requires only a valid low-privilege account over the network with no user interaction. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog at time of analysis.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-9590 MEDIUM This Month

Improper access control in Devolutions Server 2026.1.19 and earlier allows an authenticated user holding entry edit privileges to modify asset information beyond their authorized scope, bypassing the permission validation layer. The flaw resides in the permission validation component and enables privilege overreach within the platform's access control model - an authenticated low-privilege user can alter data they should have no write access to. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-9156 MEDIUM PATCH This Month

Authenticated network-accessible denial of service in Tanium Server affects three active release branches, patched in versions 7.6.4.2190, 7.7.3.8274, and 7.8.2.1176. The vulnerability stems from a CWE-772 resource leak - allocated resources are not released after their effective lifetime, enabling a low-privileged authenticated attacker to exhaust server resources. A notable conflict exists in the available data: the CVSS vector reports C:H/I:N/A:N (high confidentiality impact, no availability impact) while the CVE description, ENISA EUVD tags, and vendor advisory title all characterize this as a denial of service; defenders should treat both confidentiality and availability as potentially affected until Tanium clarifies. No public exploit is identified and EPSS is low at 0.03%.

Denial Of Service Server
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-7325 This Week

Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

SSRF Server
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-9251 This Week

Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the administrator-enforced Pending Approval flow and gain access to an entry's data via a crafted status change request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Authentication Bypass Server
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-5171 Monitor

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Authentication Bypass Server
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8477 Monitor

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensitive data without triggering the unseal audit notification via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Information Disclosure Server
NVD VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-9246 This Week

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Hashicorp Authentication Bypass Server
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-9224 This Week

Missing authorization in the user profile update feature in Devolutions Server allows an authenticated Active Directory user to modify their own profile attributes via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Authentication Bypass Server
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-9249 Monitor

Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Information Disclosure Server
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-9245 Monitor

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Open Redirect Server
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2026-9247 Monitor

Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Information Disclosure Server
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2026-9248 Monitor

Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault they cannot access via a crafted save request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Hashicorp Authentication Bypass Server
NVD
CVSS 3.1
2.6
EPSS
0.0%
CVE-2026-9223 Monitor

Missing authorization in the vault import feature in Devolutions Server  2026.1.16.0 and earlier allows a low-privileged authenticated user to create new vaults via a crafted import request.

Hashicorp Authentication Bypass Server
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-9047 Monitor

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-factor authentication after the user reconfigures their factors. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0

Authentication Bypass Server
NVD VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-8407 MEDIUM This Month

Missing authorization in the PAM module of Devolutions Server allows authenticated users with a PAM license to retrieve OTP secret keys and recovery codes without additional permissions, leading to account compromise through crafted API requests. Affected versions include Devolutions Server 2025.3.16.0 and earlier, plus 2026.1.6.0 through 2026.1.11.0. No public exploit code or active exploitation has been identified; however, the low CVSS score and minimal EPSS percentile suggest limited real-world attack incentive despite the confidentiality impact.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-43640 HIGH POC PATCH This Week

Authentication bypass in Bitwarden Server versions prior to 2026.4.1 allows authenticated users with SCIM management privileges to retrieve or rotate organization SCIM API keys without master password re-authentication. An attacker with valid session credentials and SCIM management rights can obtain sensitive API keys that enable user provisioning control, potentially leading to unauthorized account creation, modification, or deletion within the organization. Public exploit code exists, and vendor patch v2026.4.1 addresses the issue via GitHub PR #7403.

Information Disclosure Server
NVD GitHub
CVSS 4.0
8.6
EPSS
0.1%
CVE-2026-43639 HIGH POC PATCH This Week

{providerId}/clients/existing endpoint, allowing authenticated provider users to add any organization to their provider without the target's consent. Publicly available exploit code exists (detailed writeup by Sanjok Karki), and vendor-released patch v2026.4.0 fully addresses the issue via GitHub PR #7372. Self-hosted installations are unaffected due to endpoint access restrictions. CVSS 8.9 reflects high confidentiality, integrity, and availability impact with high attack complexity and high privilege requirements.

Authentication Bypass Server
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.0%
CVE-2026-43638 MEDIUM POC PATCH This Month

Bitwarden Server prior to v2026.4.1 allows any authenticated user to write ciphers (encrypted credentials) into arbitrary organizations via the POST /ciphers/import-organization endpoint by submitting an empty collections array, bypassing authorization checks. This missing authorization vulnerability (CWE-862) affects all authenticated users regardless of organization membership, enabling them to inject malicious credentials or pivot across organizations. Publicly available exploit code exists, and the vendor has released patched version 2026.4.1.

Authentication Bypass Server
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-41161 npm MEDIUM PATCH This Month

Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.2.0, the /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuring the application's response time. This issue has been patched in version 2.2.0.

Information Disclosure Server
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-4989 MEDIUM This Month

Server-side request forgery (SSRF) in Devolutions Server gateway health check feature allows low-privileged authenticated users to bypass input validation and trigger arbitrary requests, potentially disclosing sensitive information from internal systems or network resources. Affected versions are 2026.1.1-2026.1.11 and 2025.3.1-2025.3.17. No public exploit code or active exploitation has been confirmed at time of analysis.

SSRF Information Disclosure Server
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5175 MEDIUM This Month

Improper access control in Devolutions Server 2026.1.6 through 2026.1.11 allows authenticated attackers to delete their own MFA factors via crafted API requests, reducing account protection to password-only authentication. This vulnerability enables account security degradation without proper authorization checks, potentially compromising accounts that rely on multi-factor authentication as a secondary defense.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-4925 MEDIUM This Month

Improper access control in Devolutions Server 2026.1.6 through 2026.1.11 allows authenticated users to bypass administrator-enforced MFA restrictions and remove their own multi-factor authentication via a crafted request. This authentication bypass undermines security policies designed to enforce MFA compliance, enabling threat actors with valid credentials to disable a critical security control and potentially maintain persistent access without secondary authentication verification. No public exploit code or active exploitation has been confirmed at time of analysis.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-4927 MEDIUM This Month

Devolutions Server versions 2026.1.6 through 2026.1.11 expose sensitive one-time password (OTP) keys in the MFA feature, allowing authenticated users with user management privileges to retrieve other users' OTP secrets via API requests. This information disclosure vulnerability enables account takeover by attackers who obtain valid credentials with user management roles, as OTP keys are sufficient to generate valid authentication codes and bypass multi-factor authentication protections.

Information Disclosure Server
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-4924 HIGH This Week

Devolutions Server 2026.1.11 and earlier allows authenticated remote attackers to bypass two-factor authentication by reusing a partially authenticated session token, enabling unauthorized account access without completing the second authentication factor. The vulnerability affects all versions up to and including 2026.1.11, with no CVSS score or public exploit confirmation available at analysis time.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-4828 HIGH This Week

Devolutions Server versions 2026.1.11 and earlier allow authenticated remote attackers to bypass multi-factor authentication through improper validation of OAuth login requests, enabling account takeover without second-factor verification. CISA KEV status and exploit availability not confirmed at time of analysis.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-4829 MEDIUM This Month

Improper session code validation in Devolutions Server 2026.1.11 and earlier allows authenticated users to escalate privileges and impersonate other users, including administrators, by reusing session codes from external OAuth authentication flows. This authentication bypass affects all versions up to and including 2026.1.11 and requires an attacker to have valid credentials to exploit the vulnerability. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass Server
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2414 MEDIUM PATCH This Month

A user-controlled key authorization bypass vulnerability in HYPR Server versions 9.5.2 through 10.7.1 enables authenticated attackers to escalate privileges through improper authorization checks. An attacker with low-level privileges can manipulate cryptographic keys or authorization tokens to gain high-level access, compromising confidentiality, integrity, and availability of the authentication system. This vulnerability requires local or physical access to the system and valid user credentials, limiting its immediate threat scope but representing a critical risk in multi-tenant or shared infrastructure deployments.

Privilege Escalation Authentication Bypass Server
NVD VulDB
CVSS 4.0
5.6
EPSS
0.0%
CVE-2026-1712 MEDIUM PATCH This Month

An incorrect privilege assignment vulnerability in HYPR Server allows authenticated users to escalate their privileges through an unspecified mechanism. HYPR Server versions 10.5.1 through 10.6.x are affected, with the vulnerability resolved in version 10.7 and later. An attacker with valid user credentials can exploit this flaw to gain elevated permissions, potentially compromising the entire authentication infrastructure managed by the HYPR Server instance.

Privilege Escalation Server
NVD VulDB
CVSS 4.0
5.8
EPSS
0.0%
CVE-2019-25609 HIGH POC This Week

JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers.

Memory Corruption Buffer Overflow RCE Server
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-4434 HIGH PATCH This Week

Devolutions Server contains an improper certificate validation vulnerability in its PAM propagation WinRM connections that allows network attackers to conduct man-in-the-middle (MITM) attacks by exploiting disabled TLS certificate verification. This vulnerability affects Devolutions Server versions prior to 2026.1, enabling attackers positioned on the network path to intercept and manipulate WinRM communications without detection. The vulnerability is classified under CWE-295 (Improper Certificate Validation) and carries significant information disclosure and server compromise risks, particularly in environments where PAM propagation relies on WinRM for credential delivery and privileged session management.

Information Disclosure Server
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-15317 MEDIUM This Month

Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server. [CVSS 6.5 MEDIUM]

Denial Of Service Server
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15316 MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-15315 MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-15322 MEDIUM This Month

Tanium addressed an improper access controls vulnerability in Tanium Server. [CVSS 4.3 MEDIUM]

Authentication Bypass Server
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2023-4770 HIGH This Week

An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft 4D Server
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-30223 HIGH POC This Week

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-30222 HIGH POC This Week

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Server
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-46181 Go MEDIUM PATCH This Month

Gotify server is a simple server for sending and receiving messages in real-time per WebSocket. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Server
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-46764 CRITICAL Act Now

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SQLi Server
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-46763 HIGH This Week

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows a low-privileged database user to execute arbitrary SQL commands as the database. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SQLi Server
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-39395 Go CRITICAL PATCH Act Now

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Server Ui Worker
NVD GitHub
CVSS 3.1
9.9
EPSS
1.1%
CVE-2022-1502 MEDIUM PATCH This Month

Permissions were not properly verified in the API on projects using version control in Git. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Server
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-42973 HIGH POC This Week

NoMachine Server is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42972 HIGH POC This Week

NoMachine Server is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-41179 MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-41178 MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud XSS Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-31817 HIGH This Week

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-31816 HIGH This Week

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-31818 MEDIUM This Month

Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t parameterised correctly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Server
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-30183 HIGH This Week

Cleartext storage of sensitive information in multiple versions of Octopus Server where in certain situations when running import or export processes, the password used to encrypt and decrypt. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-16197 MEDIUM This Month

An issue was discovered in Octopus Deploy 3.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Octopus Server Server
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2020-15879 HIGH This Week

Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Server
NVD GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2019-19766 HIGH This Week

The Bitwarden server through 1.32.0 has a potentially unwanted KDF. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-19085 MEDIUM This Month

A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Server
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-17393 CRITICAL Act Now

The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Server
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2019-15508 MEDIUM This Month

In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user (in certain limited OctopusPrintVariables circumstances) could trigger a deployment that. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Server Tentacle
NVD GitHub
CVSS 3.0
6.5
EPSS
0.7%
CVE-2019-15507 MEDIUM This Month

In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user (in certain limited special-characters circumstances) could trigger a deployment that. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-5748 CRITICAL PATCH Act Now

In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Java Server
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2018-1000881 CRITICAL POC Act Now

Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Code Injection RCE Server
NVD
CVSS 3.0
9.8
EPSS
3.8%
CVE-2017-7855 MEDIUM POC This Month

In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Server
NVD
CVSS 3.0
6.1
EPSS
0.5%
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Improper authorization in Devolutions Server's secure messages deletion endpoint exposes an Insecure Direct Object Reference (IDOR) flaw allowing any authenticated user to permanently delete secure messages belonging to other users simply by supplying a target message identifier. Affected versions are 2026.2.11 and 2026.1.22; patched releases 2026.1.23 and 2026.2.12 are available per the vendor advisory. No public exploit identified at time of analysis, and the low CVSS score of 3.1 reflects constrained impact (integrity only, no data disclosure) paired with high attack complexity.

Authentication Bypass Server
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Devolutions Server 2026.1.22.0 and 2026.2.11.0 exposes Azure Key Vault client secrets in cleartext within Recovery Kit response files, defeating an explicit 'exclude sensitive data' option that administrators rely on. Any party who obtains a copy of the generated response file can trivially read the credential without any decryption or tooling. No public exploit code exists and the vulnerability is not in CISA KEV; however, because successful exploitation yields a reusable cloud credential, the downstream blast radius in Azure environments substantially exceeds what the 3.3 CVSS base score suggests. A vendor-released patch is available.

Hashicorp Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Authorization bypass in Devolutions Server 2026.2.11 and 2026.1.22 lets an authenticated low-privileged user approve their own pending access request by calling the access request status endpoint directly, bypassing the mandatory approver review. Because access requests gate elevated access to protected resources, this effectively grants unauthorized privileged access (CVSS 7.1). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the issue was disclosed and patched by the vendor.

Authentication Bypass Server
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Sensitive information disclosure in Devolutions Server 2026.1.x and 2026.2.x lets an authenticated low-privileged user read the private keys of SSH key and certificate PAM credentials belonging to other users. By supplying a credential identifier they should not have access to (an insecure direct object reference), the attacker retrieves secrets the PAM module is supposed to protect. No public exploit identified at time of analysis, and it is not on CISA KEV, but a vendor patch is available. Note: the supplied CVSS vector lists PR:N (unauthenticated) while the description explicitly requires an authenticated low-privileged user — treat this as an authenticated IDOR.

Authentication Bypass Server
NVD
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

Account takeover in self-hosted Bitwarden Server before 2026.6.0 lets a low-privileged organization member steal any other member's vault key and a victim-scoped access token. The POST /auth-requests/admin-request handler never verifies that the email in the request body belongs to the authenticated caller (CWE-639), so an attacker can create a Trusted Device Encryption admin-approval request for a victim, bound to an attacker-controlled public key; once approved, the encrypted key material is retrievable from an unauthenticated endpoint. Publicly available exploit code exists (a VulnCheck advisory plus a public write-up), and the CVSS 4.0 base score of 9.3 reflects high confidentiality and integrity impact plus a cross-user scope change.

Authentication Bypass Hashicorp Server
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Tanium Server allows remote unauthenticated attackers to exhaust availability of the platform, per vendor advisory TAN-2026-016. The flaw is network-reachable with low complexity and no privileges or user interaction (CVSS 7.5, availability-only impact), and the CWE-789 classification indicates an uncontrolled/excessive memory allocation can be triggered remotely. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Server
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Multi-factor authentication bypass in Devolutions Server (DVLS) versions 2026.2.4 through 2026.2.8 lets an attacker who already holds valid user credentials authenticate without completing MFA, defeating an enforced 'MFA Required' policy. The flaw triggers when DVLS encounters an invalid default MFA value, causing the mandatory second factor to be skipped. It is vendor-reported with a patch available; no public exploit identified at time of analysis and EPSS exploitation probability is low (0.18%, 8th percentile).

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 2.3
LOW POC PATCH Monitor

JSON injection in Bitwarden Server's IntegrationTemplateProcessor.ReplaceTokens() allows authenticated organization members to corrupt event-integration payloads delivered to webhook, SIEM, Slack, Teams, or Datadog endpoints. Any organization running Bitwarden Server prior to 2026.5.0 that has configured event integrations referencing user-controlled tokens such as #ActingUserName# or #UserName# is exposed. A public proof-of-concept exists per VulnCheck and independent researcher disclosure; exploitation is constrained by authentication and specific integration-configuration prerequisites, reflected in the low CVSS 4.0 score of 2.3.

Code Injection Server
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Broken access control in Bitwarden Server before 2026.5.0 exposes organization billing data to any authenticated user via an IDOR vulnerability in the PreviewInvoiceController endpoints. The missing ManageOrganizationBillingRequirement authorization check permits a valid session holder to supply an arbitrary organizationId and retrieve Stripe-derived billing details - including tax totals, subscription status, and customer data - for organizations they do not belong to. A public proof-of-concept exploit exists; no active exploitation has been confirmed by CISA KEV at the time of analysis.

Authentication Bypass Server
NVD GitHub
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

Privilege escalation in self-hosted Bitwarden Server before 2026.5.0 lets an authenticated organization member holding a Custom role with the ManageUsers permission delete Admin accounts from the organization, undermining administrative control. The flaw stems from the bulk user-remove (DELETE) endpoint omitting the role-hierarchy guard that the single-user removal path enforces, so a lower-privileged user can strip Admins by submitting their organization-user IDs in a batch request. Publicly available exploit code exists (VulnCheck/researcher write-up), it is not listed in CISA KEV, and no EPSS score was provided in the input.

Authentication Bypass Privilege Escalation Server
NVD GitHub
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2 challenge-response, via a crafted DomainName parameter.

Information Disclosure Server
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

OS command injection in MariaDB Server (CWE-78) lets an attacker achieve remote code execution on Galera cluster nodes by embedding shell metacharacters in a joiner node's name, which the server passes unsanitized to the script defined in wsrep_notify_cmd. Affected branches are 10.6.1–10.6.26, 10.11.1–10.11.17, 11.4.1–11.4.11, 11.8.1–11.8.7, and 12.3.1, but only when wsrep_notify_cmd is configured. It carries a vendor CVSS of 9.8; however EPSS is very low (0.05%, 15th percentile) and SSVC marks exploitation as 'none', so there is no public exploit identified at time of analysis and it is not on CISA KEV.

Command Injection Server
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Command injection (CWE-78) in Devolutions Server's built-in PAM provider password rotation templates allows an attacker with vault write access to execute arbitrary OS commands on systems managed by the affected PAM provider. Affected versions include 2026.2.4.0 and all releases at or below 2026.1.20.0, reported directly by the vendor Devolutions. No public exploit code has been identified and this vulnerability is not listed in CISA KEV at time of analysis, but the high-value nature of a PAM platform managing privileged credentials on downstream systems means the practical blast radius substantially exceeds what the CVSS C:L/I:L scores suggest.

Hashicorp Command Injection Server
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Missing authorization on the deleted user groups API in Devolutions Server enables authenticated low-privileged users to enumerate metadata of deleted user groups via crafted API requests, bypassing intended access controls. Affected deployments include versions 2026.2.4.0 and 2026.1.20.0 and earlier, as confirmed by the vendor advisory DEVO-2026-0015. No public exploit exists and CISA SSVC confirms no active exploitation, placing this at low operational priority despite its network-accessible attack vector.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Cleartext credential exposure in Devolutions Server allows an authenticated low-privileged user to retrieve plaintext credentials stored for configured ticketing integrations via a crafted API request. Affected versions include Devolutions Server 2026.2.4.0 and all 2026.1.x releases up to and including 2026.1.20.0. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis; the vulnerability was self-disclosed by Devolutions via advisory DEVO-2026-0015.

Information Disclosure Server
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper access control in Devolutions Server 2026.1.19 and earlier allows an authenticated low-privilege user to delete PAM network discovery scan configurations that should be restricted to administrators. The CVSS vector (AV:N/AC:L/PR:L/UI:N) confirms exploitation requires only a valid low-privilege account over the network with no user interaction. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog at time of analysis.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper access control in Devolutions Server 2026.1.19 and earlier allows an authenticated user holding entry edit privileges to modify asset information beyond their authorized scope, bypassing the permission validation layer. The flaw resides in the permission validation component and enables privilege overreach within the platform's access control model - an authenticated low-privilege user can alter data they should have no write access to. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Authenticated network-accessible denial of service in Tanium Server affects three active release branches, patched in versions 7.6.4.2190, 7.7.3.8274, and 7.8.2.1176. The vulnerability stems from a CWE-772 resource leak - allocated resources are not released after their effective lifetime, enabling a low-privileged authenticated attacker to exhaust server resources. A notable conflict exists in the available data: the CVSS vector reports C:H/I:N/A:N (high confidentiality impact, no availability impact) while the CVE description, ENISA EUVD tags, and vendor advisory title all characterize this as a denial of service; defenders should treat both confidentiality and availability as potentially affected until Tanium clarifies. No public exploit is identified and EPSS is low at 0.03%.

Denial Of Service Server
NVD
EPSS 0% CVSS 7.1
This Week

Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

SSRF Server
NVD VulDB
EPSS 0% CVSS 5.4
This Week

Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the administrator-enforced Pending Approval flow and gain access to an entry's data via a crafted status change request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Authentication Bypass Server
NVD
EPSS 0% CVSS 4.3
Monitor

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 2.7
Monitor

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensitive data without triggering the unseal audit notification via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Information Disclosure Server
NVD VulDB
EPSS 0% CVSS 4.3
This Week

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Hashicorp Authentication Bypass Server
NVD
EPSS 0% CVSS 4.3
This Week

Missing authorization in the user profile update feature in Devolutions Server allows an authenticated Active Directory user to modify their own profile attributes via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Authentication Bypass Server
NVD
EPSS 0% CVSS 3.1
Monitor

Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Information Disclosure Server
NVD
EPSS 0% CVSS 5.0
Monitor

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Open Redirect Server
NVD
EPSS 0% CVSS 2.4
Monitor

Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Information Disclosure Server
NVD
EPSS 0% CVSS 2.6
Monitor

Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault they cannot access via a crafted save request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Hashicorp Authentication Bypass Server
NVD
EPSS 0% CVSS 4.3
Monitor

Missing authorization in the vault import feature in Devolutions Server  2026.1.16.0 and earlier allows a low-privileged authenticated user to create new vaults via a crafted import request.

Hashicorp Authentication Bypass Server
NVD
EPSS 0% CVSS 7.6
Monitor

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-factor authentication after the user reconfigures their factors. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Missing authorization in the PAM module of Devolutions Server allows authenticated users with a PAM license to retrieve OTP secret keys and recovery codes without additional permissions, leading to account compromise through crafted API requests. Affected versions include Devolutions Server 2025.3.16.0 and earlier, plus 2026.1.6.0 through 2026.1.11.0. No public exploit code or active exploitation has been identified; however, the low CVSS score and minimal EPSS percentile suggest limited real-world attack incentive despite the confidentiality impact.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

Authentication bypass in Bitwarden Server versions prior to 2026.4.1 allows authenticated users with SCIM management privileges to retrieve or rotate organization SCIM API keys without master password re-authentication. An attacker with valid session credentials and SCIM management rights can obtain sensitive API keys that enable user provisioning control, potentially leading to unauthorized account creation, modification, or deletion within the organization. Public exploit code exists, and vendor patch v2026.4.1 addresses the issue via GitHub PR #7403.

Information Disclosure Server
NVD GitHub
EPSS 0% CVSS 8.9
HIGH POC PATCH This Week

{providerId}/clients/existing endpoint, allowing authenticated provider users to add any organization to their provider without the target's consent. Publicly available exploit code exists (detailed writeup by Sanjok Karki), and vendor-released patch v2026.4.0 fully addresses the issue via GitHub PR #7372. Self-hosted installations are unaffected due to endpoint access restrictions. CVSS 8.9 reflects high confidentiality, integrity, and availability impact with high attack complexity and high privilege requirements.

Authentication Bypass Server
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Bitwarden Server prior to v2026.4.1 allows any authenticated user to write ciphers (encrypted credentials) into arbitrary organizations via the POST /ciphers/import-organization endpoint by submitting an empty collections array, bypassing authorization checks. This missing authorization vulnerability (CWE-862) affects all authenticated users regardless of organization membership, enabling them to inject malicious credentials or pivot across organizations. Publicly available exploit code exists, and the vendor has released patched version 2026.4.1.

Authentication Bypass Server
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.2.0, the /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuring the application's response time. This issue has been patched in version 2.2.0.

Information Disclosure Server
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

Server-side request forgery (SSRF) in Devolutions Server gateway health check feature allows low-privileged authenticated users to bypass input validation and trigger arbitrary requests, potentially disclosing sensitive information from internal systems or network resources. Affected versions are 2026.1.1-2026.1.11 and 2025.3.1-2025.3.17. No public exploit code or active exploitation has been confirmed at time of analysis.

SSRF Information Disclosure Server
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Improper access control in Devolutions Server 2026.1.6 through 2026.1.11 allows authenticated attackers to delete their own MFA factors via crafted API requests, reducing account protection to password-only authentication. This vulnerability enables account security degradation without proper authorization checks, potentially compromising accounts that rely on multi-factor authentication as a secondary defense.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Improper access control in Devolutions Server 2026.1.6 through 2026.1.11 allows authenticated users to bypass administrator-enforced MFA restrictions and remove their own multi-factor authentication via a crafted request. This authentication bypass undermines security policies designed to enforce MFA compliance, enabling threat actors with valid credentials to disable a critical security control and potentially maintain persistent access without secondary authentication verification. No public exploit code or active exploitation has been confirmed at time of analysis.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Devolutions Server versions 2026.1.6 through 2026.1.11 expose sensitive one-time password (OTP) keys in the MFA feature, allowing authenticated users with user management privileges to retrieve other users' OTP secrets via API requests. This information disclosure vulnerability enables account takeover by attackers who obtain valid credentials with user management roles, as OTP keys are sufficient to generate valid authentication codes and bypass multi-factor authentication protections.

Information Disclosure Server
NVD VulDB
EPSS 0% CVSS 8.2
HIGH This Week

Devolutions Server 2026.1.11 and earlier allows authenticated remote attackers to bypass two-factor authentication by reusing a partially authenticated session token, enabling unauthorized account access without completing the second authentication factor. The vulnerability affects all versions up to and including 2026.1.11, with no CVSS score or public exploit confirmation available at analysis time.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 8.2
HIGH This Week

Devolutions Server versions 2026.1.11 and earlier allow authenticated remote attackers to bypass multi-factor authentication through improper validation of OAuth login requests, enabling account takeover without second-factor verification. CISA KEV status and exploit availability not confirmed at time of analysis.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper session code validation in Devolutions Server 2026.1.11 and earlier allows authenticated users to escalate privileges and impersonate other users, including administrators, by reusing session codes from external OAuth authentication flows. This authentication bypass affects all versions up to and including 2026.1.11 and requires an attacker to have valid credentials to exploit the vulnerability. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A user-controlled key authorization bypass vulnerability in HYPR Server versions 9.5.2 through 10.7.1 enables authenticated attackers to escalate privileges through improper authorization checks. An attacker with low-level privileges can manipulate cryptographic keys or authorization tokens to gain high-level access, compromising confidentiality, integrity, and availability of the authentication system. This vulnerability requires local or physical access to the system and valid user credentials, limiting its immediate threat scope but representing a critical risk in multi-tenant or shared infrastructure deployments.

Privilege Escalation Authentication Bypass Server
NVD VulDB
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

An incorrect privilege assignment vulnerability in HYPR Server allows authenticated users to escalate their privileges through an unspecified mechanism. HYPR Server versions 10.5.1 through 10.6.x are affected, with the vulnerability resolved in version 10.7 and later. An attacker with valid user credentials can exploit this flaw to gain elevated permissions, potentially compromising the entire authentication infrastructure managed by the HYPR Server instance.

Privilege Escalation Server
NVD VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers.

Memory Corruption Buffer Overflow RCE +1
NVD Exploit-DB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Devolutions Server contains an improper certificate validation vulnerability in its PAM propagation WinRM connections that allows network attackers to conduct man-in-the-middle (MITM) attacks by exploiting disabled TLS certificate verification. This vulnerability affects Devolutions Server versions prior to 2026.1, enabling attackers positioned on the network path to intercept and manipulate WinRM communications without detection. The vulnerability is classified under CWE-295 (Improper Certificate Validation) and carries significant information disclosure and server compromise risks, particularly in environments where PAM propagation relies on WinRM for credential delivery and privileged session management.

Information Disclosure Server
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server. [CVSS 6.5 MEDIUM]

Denial Of Service Server
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Tanium addressed an improper access controls vulnerability in Tanium Server. [CVSS 4.3 MEDIUM]

Authentication Bypass Server
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft 4D +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Server
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Server
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Gotify server is a simple server for sending and receiving messages in real-time per WebSocket. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Server
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SQLi Server
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH This Week

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows a low-privileged database user to execute arbitrary SQL commands as the database. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SQLi Server
NVD GitHub VulDB
EPSS 1% CVSS 9.9
CRITICAL PATCH Act Now

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Server Ui +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Permissions were not properly verified in the API on projects using version control in Git. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Server
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

NoMachine Server is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

NoMachine Server is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Server
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud XSS Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD
EPSS 1% CVSS 7.5
HIGH This Week

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t parameterised correctly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Server
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Cleartext storage of sensitive information in multiple versions of Octopus Server where in certain situations when running import or export processes, the password used to encrypt and decrypt. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

An issue was discovered in Octopus Deploy 3.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Octopus Server Server
NVD GitHub
EPSS 3% CVSS 7.5
HIGH This Week

Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

The Bitwarden server through 1.32.0 has a potentially unwanted KDF. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM This Month

A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Server
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Server
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user (in certain limited OctopusPrintVariables circumstances) could trigger a deployment that. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Server Tentacle
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user (in certain limited special-characters circumstances) could trigger a deployment that. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Java Server
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Code Injection RCE +1
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy