Authentication Bypass
Authentication bypass attacks exploit flaws in the verification mechanisms that control access to systems and applications.
How It Works
Instead of cracking passwords through brute force, attackers manipulate the authentication process itself to gain unauthorized entry. This typically occurs through one of several pathways: exploiting hardcoded credentials embedded in source code or configuration files, manipulating parameters in authentication requests to skip verification steps, or leveraging broken session management that fails to properly validate user identity.
The attack flow often begins with reconnaissance to identify authentication endpoints and their underlying logic. Attackers may probe for default administrative credentials that were never changed, test whether certain URL paths bypass login requirements entirely, or intercept and modify authentication tokens to escalate privileges. In multi-step authentication processes, flaws in state management can allow attackers to complete only partial verification steps while still gaining full access.
More sophisticated variants exploit single sign-on (SSO) or OAuth implementations where misconfigurations in trust relationships allow attackers to forge authentication assertions. Parameter tampering—such as changing a "role=user" field to "role=admin" in a request—can trick poorly designed systems into granting elevated access without proper verification.
Impact
- Complete account takeover — attackers gain full control of user accounts, including administrative accounts, without knowing legitimate credentials
- Unauthorized data access — ability to view, modify, or exfiltrate sensitive information including customer data, financial records, and intellectual property
- System-wide compromise — admin-level access enables installation of backdoors, modification of security controls, and complete infrastructure takeover
- Lateral movement — bypassed authentication provides a foothold for moving deeper into networks and accessing additional systems
- Compliance violations — unauthorized access triggers breach notification requirements and regulatory penalties
Real-World Examples
CrushFTP suffered a critical authentication bypass allowing attackers to access file-sharing functionality without any credentials. The vulnerability enabled direct server-side template injection, leading to remote code execution on affected systems. Attackers actively exploited this in the wild to establish persistent access to enterprise file servers.
Palo Alto's Expedition migration tool contained a flaw permitting attackers to reset administrative credentials without authentication. This allowed complete takeover of the migration environment, potentially exposing network configurations and security policies being transferred between systems.
SolarWinds Web Help Desk (CVE-2024-28987) shipped with hardcoded internal credentials that could not be changed through normal administrative functions. Attackers discovering these credentials gained full administrative access to helpdesk systems containing sensitive organizational information and user data.
Mitigation
- Implement multi-factor authentication (MFA) — requires attackers to compromise additional verification factors beyond bypassed primary authentication
- Eliminate hardcoded credentials — use secure credential management systems and rotate all default credentials during deployment
- Enforce authentication on all endpoints — verify every request requires valid authentication; no "hidden" administrative paths should exist
- Implement proper session management — use cryptographically secure session tokens, validate on server-side, enforce timeout policies
- Apply principle of least privilege — limit damage by ensuring even authenticated users only access necessary resources
- Regular security testing — conduct penetration testing specifically targeting authentication logic and flows
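The parameter-tampering and session-handling points above, as an added example that is not code from the original page: a minimal profile-update handler written twice. The vulnerable version trusts a client-supplied role field and never checks record ownership; the hardened version derives identity and role from server-side state only, enforces ownership, and copies only allowlisted fields. The user table, session table and request bodies are constructed stand-ins for a real framework.

```python
# Added example (not from the original page): vulnerable vs. hardened
# profile-update handler. All state below is constructed sample data.

def make_db():
    """Constructed server-side state: user records and a session table."""
    return {
        "users": {
            7: {"id": 7, "email": "alice@example.test", "role": "user"},
            1: {"id": 1, "email": "root@example.test", "role": "admin"},
        },
        # opaque session token -> user id (the only trusted identity source)
        "sessions": {"sess-alice": 7},
    }

# Fields a user may change on their own record; 'role' is deliberately absent.
SELF_MUTABLE_FIELDS = frozenset({"email", "display_name"})


def update_profile_vulnerable(db, session_token, target_user_id, body):
    """Checks only that a session exists, then trusts the request:
    any field in the body (including 'role') is written to any user id."""
    if session_token not in db["sessions"]:
        return {"ok": False, "error": "not authenticated"}
    user = db["users"].get(target_user_id)
    if user is None:
        return {"ok": False, "error": "no such user"}
    user.update(body)  # mass assignment: role=admin lands here unchecked
    return {"ok": True, "user": user}


def update_profile_hardened(db, session_token, target_user_id, body):
    """Identity comes from the session, ownership is enforced, and only
    allowlisted fields are copied. Rejected field names are returned so
    the caller can log them as a tampering attempt."""
    caller_id = db["sessions"].get(session_token)
    if caller_id is None:
        return {"ok": False, "error": "not authenticated"}
    if caller_id != target_user_id:
        # Object-level check: a valid session is not ownership of every record.
        return {"ok": False, "error": "forbidden: not the record owner"}
    rejected = sorted(set(body) - SELF_MUTABLE_FIELDS)
    if rejected:
        return {"ok": False, "error": "forbidden fields", "rejected": rejected}
    user = db["users"][caller_id]
    user.update({k: body[k] for k in SELF_MUTABLE_FIELDS if k in body})
    return {"ok": True, "user": user}


if __name__ == "__main__":
    db = make_db()
    print(update_profile_vulnerable(db, "sess-alice", 7, {"role": "admin"}))
    print(update_profile_hardened(make_db(), "sess-alice", 7, {"role": "admin"}))
```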
Recent CVEs (9454)
OAuth scope validation bypass in Mattermost's GitHub integration allows authenticated users to escalate repository access beyond what was originally authorized. By manipulating the scope parameter in the GitHub OAuth authorization URL before the callback is processed, a low-privileged Mattermost user can obtain a GitHub token with broader permissions - including access to private repositories - than the application intended to grant. The flaw affects versions across four active release branches (10.11.x through 11.6.x); no public exploit has been identified at time of analysis and it is not listed in CISA KEV, but the low complexity and authentication-only barrier make it a realistic insider or compromised-account risk.
Insecure Direct Object Reference (IDOR) in Typebot's getResultLogs API endpoint allows any authenticated user to read execution logs belonging to other workspaces by supplying an arbitrary victim resultId alongside their own authorized typebotId. The endpoint authorizes the caller by typebotId but fetches log records by resultId alone, skipping cross-ownership validation that all peer endpoints in the same router correctly enforce. Exploitation exposes sensitive runtime data including HTTP response bodies, AI model outputs, and webhook payloads. No public exploit or CISA KEV listing has been identified at time of analysis, but the straightforward nature of the IDOR - requiring only a valid session and a guessed or enumerated resultId - makes unauthorized data access realistic for any authenticated platform user.
Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the administrator-enforced Pending Approval flow and gain access to an entry's data via a crafted status change request. This issue affects:
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects:
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects:
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
Missing authorization in the user profile update feature in Devolutions Server allows an authenticated Active Directory user to modify their own profile attributes via a crafted API request. This issue affects:
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault they cannot access via a crafted save request. This issue affects:
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user to create new vaults via a crafted import request.
Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-factor authentication after the user reconfigures their factors. This issue affects:
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express association Reorder dialog. This can cause Cross-entity state tampering with view-only permission on one entry. To be affected, a website has to be using express and relying on express entity ordering. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Winston Crooker for reporting.
Dell PowerFlex Manager versions 4.6.2 and earlier improperly store sensitive information in a manner accessible to low-privileged local users, resulting in unauthorized disclosure of confidential data with high confidentiality impact per CVSS. Affected deployments span both the Appliance and Rack form factors of the platform. No public exploit code has been identified at time of analysis and CISA KEV does not list this vulnerability, though the CWE-922 root cause and the 'Authentication Bypass' tag suggest the exposed data may include credentials or tokens that could enable downstream privilege escalation or lateral movement.
Broken or risky cryptographic algorithm use in Dell PowerFlex Manager's SSH component (versions ≤4.6.2) allows a locally authenticated low-privileged attacker to bypass SSH protection mechanisms, affecting both Appliance and Rack form factors. The CVSS vector (AV:L/AC:H/PR:L) reflects significant exploitation barriers: physical or logical local access is required, attack complexity is high, and impact is limited to partial confidentiality and integrity loss with no availability impact. Dell has published dual advisories (DSA-2025-434 for Appliance, DSA-2025-435 for Rack); no public exploit or CISA KEV listing exists at time of analysis.
Insecure storage of sensitive information in Dell PowerFlex Manager versions up to and including 4.6.2 exposes credentials, keys, or configuration secrets to any attacker with local OS-level access to the appliance - no PowerFlex Manager authentication required. The CVSS vector (AV:L/AC:L/PR:N/UI:N) confirms the attacker needs only local system access, not application credentials, to retrieve the improperly protected data. No public exploit identified at time of analysis and no CISA KEV listing; however, the 'Authentication Bypass' tag in the intelligence data suggests the exposed sensitive material may itself enable downstream privilege escalation or authentication bypass against PowerFlex or its managed infrastructure.
File ownership and access control enforcement is absent in the Boards API across four release branches of Mattermost, allowing any authenticated user to access and download files belonging to other users or teams by submitting crafted API requests containing valid file IDs. Affected deployments span versions 10.11.x through 11.6.x per EUVD-2026-31429 and vendor advisory MMSA-2026-00620. CVSS scores this at 5.9 (Medium) reflecting high attack complexity due to the file ID prerequisite; no public exploit has been identified and the vulnerability is not listed in CISA KEV at time of analysis.
Broken access control in TeamViewer DEX Platform (On-Premises) before version 9.2 allows authenticated low-privileged users to invoke administrative API endpoints and access sensitive resources outside their authorized scope. The root cause is CWE-862 (Missing Authorization) - backend API endpoints omit proper role-based authorization checks despite confirming user identity. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog at time of analysis, but the network-accessible attack vector and low complexity make exploitation straightforward for any user holding valid platform credentials.
{id}/ rewrite endpoint. The handle_playlist_endpoint() function validates only post_type, omitting authentication, capability, and post_status checks, so draft, private, pending, and trashed playlists are reachable by ID enumeration. No public exploit identified at time of analysis; the issue is fixed in version 2.0.3 per the vendor commit.
Authorization bypass in MotoPress Hotel Booking plugin for WordPress (all versions through 6.0.1) allows unauthenticated remote attackers to overwrite or delete internal booking notes for any reservation by supplying an arbitrary booking ID. The root cause is a nonce that is unconditionally output into every public page's HTML via wp_localize_script under MPHB._data.nonces, meaning any site visitor - without an account or any prior interaction - can obtain a valid nonce and invoke the update-booking-notes AJAX action against any booking. No public exploit code has been identified at time of analysis, but the trivially accessible nonce makes this effectively zero-friction to abuse.
Unauthorized data disclosure in the Ditty - Responsive News Tickers, Sliders, and Lists WordPress plugin (versions 0 through 3.1.65) allows unauthenticated remote attackers to retrieve the full contents of non-public Ditty entries - including drafts, pending, scheduled, and disabled posts - by enumerating integer post IDs against the ditty_init AJAX endpoint. The flaw stems from the init_ajax() handler omitting the 'publish' post status check that its non-AJAX counterpart performs, exposing content administrators deliberately withheld from public view. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Authorization bypass in the Vedrixa Forms WordPress plugin (all versions through 1.1.1) permits authenticated attackers with subscriber-level access to overwrite the structure of any registration form by writing attacker-controlled data directly to the plugin's FORMS database table. The root cause is a missing authorization check on the form-saving AJAX handler, compounded by the fact that the required ajax-nonce is publicly exposed via wp_localize_script() on any page rendering a form shortcode - meaning any authenticated visitor can harvest the nonce without elevated privileges. The vulnerability is not listed in CISA KEV and no public exploit has been identified at time of analysis; however, on open-registration WordPress sites the subscriber-level barrier is trivially bypassed.
Missing authorization controls in the FastX WordPress theme allow authenticated Subscriber-level users to install and activate the PostX plugin without administrative approval. The vulnerability exists in two AJAX callback functions - 'ultp_install_callback' and 'ultp_activate_callback' - which fail to verify whether the requesting user holds sufficient capabilities before executing privileged plugin management operations. All versions up to and including 1.0.2 are affected per WPXPO's theme codebase on themes.trac.wordpress.org. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Unauthorized modification of weather display settings in the Location Weather WordPress plugin (versions ≤3.0.2) is achievable by any authenticated user with Contributor-level access or above, due to missing capability checks on the administrative functions `splw_update_block_options()` and `lwp_clean_weather_transients()`. Affected sites expose the protective nonce to all authenticated sessions via `wp_localize_script()` on the `init` hook, neutralizing what would otherwise be a secondary CSRF defense and making exploitation straightforward for any logged-in user. No public exploit has been identified and the vulnerability is not listed in the CISA KEV catalog; real-world impact is limited to disruption of weather widget display and cache integrity rather than data theft or code execution.
Authorization bypass in the Go golang.org/x/crypto/ssh package before version 0.52.0 allows remote attackers to circumvent source-address restrictions when SSH server configurations use callback authentication types other than public key. This is an incomplete-fix follow-up to CVE-2024-45337, which only addressed the public-key callback path while leaving other callback types vulnerable to the same source-address validation skip. No public exploit identified at time of analysis, EPSS is very low at 0.02%, and SSVC indicates no observed exploitation though the issue is automatable with partial technical impact.
The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a "no-touch-required" extension in Permissions.Extensions from PublicKeyCallback.
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.
Authentication bypass in Go's golang.org/x/crypto/ssh/agent in-memory keyring (versions before 0.52.0) allows SSH key signing operations to proceed without the intended ConfirmBeforeUse user confirmation prompt. Applications that relied on this constraint to gate sensitive signing actions effectively had no protection, with no error returned to indicate the constraint was silently ignored. No public exploit identified at time of analysis and EPSS is very low (0.02%), but SSVC rates technical impact as total.
Unauthorized system modification on Ubiquiti UniFi OS devices allows network-adjacent attackers to alter device configuration without authentication, affecting a broad range of UniFi gateways, dream machines, NVRs, NAS units, and cloud keys. The maximum CVSS 10.0 score reflects network-reachable, unauthenticated exploitation with scope change and full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis, but the authentication bypass nature elevates urgency for any UniFi management plane exposed beyond trusted segments.
Sandbox escape in Boxlite versions prior to 0.9.0 lets untrusted code running inside the lightweight VM remount host-shared virtiofs directories from read-only to read-write, enabling arbitrary writes to host files that operators believed were protected. Because the container is granted all 41 Linux capabilities (including CAP_SYS_ADMIN), a trivial 'mount -o remount,rw' bypasses the client-side MS_RDONLY enforcement, and in AI-agent deployments this leads to host code execution by tampering with mounted code, virtualenvs, or credentials. Publicly available exploit code exists (working PoC published in the GHSA advisory) and the issue carries a CVSS 10.0 with scope change; it is not listed in CISA KEV at time of analysis.
runAsNonRoot bypass in containerd allows crafted container images to execute as UID 0 despite Kubernetes security policies designed to prevent root execution. The flaw stems from containerd treating numeric USER directives that overflow a 32-bit integer as usernames, and if the image's /etc/passwd maps that string to root, the container runs as root. No public exploit identified at time of analysis, but the issue was responsibly disclosed by Lei Wang (@ssst0n3) and fixed in multiple containerd release branches.
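A simplified model of the USER resolution described in this entry, added here as an example and not containerd's own code: the vulnerable resolver falls back to a name lookup whenever the numeric parse fails, so an all-digit value above the uint32 range is resolved through /etc/passwd, while the fixed resolver treats any all-digit value as numeric and rejects overflow. The passwd content is a constructed sample, and the runAsNonRoot-style gate is an assumed illustration of where the fixed resolver belongs.

```python
# Added example (not containerd's code): why an all-digit USER value that
# overflows uint32 must be an error rather than a user-name lookup.
UINT32_MAX = 2**32 - 1

# Constructed /etc/passwd from a hypothetical image: the third line gives
# the overflow string a name entry that maps to uid 0.
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/sh
app:x:1000:1000:app:/home/app:/bin/sh
4294967296:x:0:0:overflow alias for root:/root:/bin/sh
"""


def parse_passwd(text):
    """Map user name -> uid for each well-formed passwd line."""
    table = {}
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) >= 3 and parts[2].isdigit():
            table[parts[0]] = int(parts[2])
    return table


def resolve_uid_vulnerable(user_spec, passwd):
    """Parse as uint32 first; on any failure treat the value as a name.
    '4294967296' (2**32) fails the range check and falls through to the
    passwd lookup, which the crafted file maps to 0."""
    try:
        uid = int(user_spec)
        if 0 <= uid <= UINT32_MAX:
            return uid
    except ValueError:
        pass
    return passwd.get(user_spec)


def resolve_uid_fixed(user_spec, passwd):
    """All-digit values are numeric or an error, never a name lookup."""
    if user_spec.isdigit():
        uid = int(user_spec)
        if uid > UINT32_MAX:
            raise ValueError(f"uid {user_spec} exceeds uint32 range")
        return uid
    return passwd.get(user_spec)


def run_as_non_root_ok(user_spec, passwd):
    """Assumed runAsNonRoot-style gate built on the fixed resolver:
    allow only a resolvable, nonzero uid. Returns (allowed, reason)."""
    try:
        uid = resolve_uid_fixed(user_spec, passwd)
    except ValueError as exc:
        return False, str(exc)
    if uid is None:
        return False, f"unknown user {user_spec!r}"
    if uid == 0:
        return False, "resolves to root"
    return True, f"uid {uid}"


if __name__ == "__main__":
    table = parse_passwd(SAMPLE_PASSWD)
    print("vulnerable:", resolve_uid_vulnerable("4294967296", table))
    print("fixed gate:", run_as_non_root_ok("4294967296", table))
```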
{identity}/ajax/lookup` enforced neither prior to patching. No public exploit has been identified at time of analysis, and this CVE is not listed in CISA KEV.
{% do %} tag is permitted. No public exploit identified at time of analysis, but the issue was responsibly disclosed with vendor-confirmed root cause and an upstream patch.
Twig's sandbox security policy is bypassed via the `column` filter when processing arrays of PHP objects, allowing an untrusted template author to read any public or magic property of any object reachable in the render context - completely circumventing the `SecurityPolicy`'s `allowedProperties` restrictions. All twig/twig versions prior to 3.26.0 are affected when sandbox mode is active and untrusted authors have `column` in their `allowedFilters`. This is a structural variant of CVE-2024-51755 that the prior ArrayAccess-focused fix left uncovered; no public exploit has been identified at time of analysis, and the fix is confirmed in Twig 3.26.0.
OAuth 2.0 Authorization Code handler in Concrete CMS 9.5.0 and earlier fails to enforce account status checks, allowing users with suspended, banned, or terminated accounts (uIsActive=0) to complete OAuth flows and receive valid API tokens. Deployments using OAuth 2.0 as an authentication mechanism are affected, with the primary real-world impact being unauthorized continued access by deprovisioned users - such as terminated employees or revoked contractors - who retain OAuth credentials. With a CVSS v4.0 score of 2.3, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-severity issue with narrow scope but meaningful identity governance implications for organizations relying on CMS-level account suspension as a deprovisioning control.
Insecure Direct Object Reference (IDOR) in Concrete CMS 9.5.0 and below allows authenticated users with conversation posting rights to bypass the file permission system and reference arbitrary files from the CMS file manager. The AddMessage and UpdateMessage conversation controllers accept user-supplied integer attachment IDs and load file objects directly via the ORM without invoking the canViewFile() permission check, enabling unauthorized read and limited write access to files across the system. No public exploit code has been identified at time of analysis, and the ConcreteCMS security team assessed this as a low-severity issue (CVSS 4.0: 2.3), but sites storing sensitive private files are at meaningful risk if those files are served from within the webroot.
Privilege escalation in Concrete CMS 9.5.0 and earlier allows authenticated users with access to the bulk user assignment dashboard to add arbitrary accounts to the Administrators group and remove existing admins, effectively hijacking site control. The flaw stems from missing authorization checks in bulk_user_assignment.php and was disclosed with a vendor-assigned CVSS v4.0 score of 7.5. No public exploit identified at time of analysis, and the issue is not present in CISA KEV.
Cross-calendar data disclosure in Concrete CMS 9.5.0 and below exposes private calendar event data to unauthenticated remote attackers via an authorization bypass (CWE-639) in the Calendar Event Frontend Dialog. A publicly accessible calendar block serves as a required pivot point, allowing attackers to reference and retrieve event data from private calendars within the same installation. No public exploit has been identified at time of analysis; the vendor assigned a CVSS 4.0 score of 6.3, reflecting constrained confidentiality impact and a prerequisite attack condition (AT:P).
Privilege escalation in LiteLLM prior to 1.83.10 allows any authenticated user with access to the /user/update endpoint to elevate themselves to proxy_admin by including a user_role field in a self-update request. The endpoint enforces ownership (users can only update their own account) but fails to restrict which fields are mutable, granting full administrative control over users, teams, keys, models, and prompt history. Publicly available exploit code exists via a published huntr.com bounty writeup and gist PoC, though no in-the-wild exploitation has been identified at time of analysis.
Privilege escalation in LiteLLM proxy versions prior to 1.83.14 allows an authenticated internal_user to elevate to proxy_admin by generating an API key with an attacker-controlled allowed_routes field that grants access to admin-only endpoints. Because the key-generation handler did not verify that the requested routes fell within the caller's own role permissions, the resulting key successfully reaches admin routes and bypasses role-based access control. Publicly available exploit code exists via a Huntr bounty disclosure and gist, and the upstream commits are merged in the v1.83.14-stable release.
Concrete CMS versions below 9.5.0 expose authenticated users to two related privilege-abuse primitives via a mass assignment flaw: password replacement without the current password, and disabling per-user IP-pinning that guards against session hijacking. The user-profile edit controller forwards the entire raw POST body to UserInfo::update() with no field whitelist, allowing any registered user to inject arbitrary model attributes - including the password field and session-security settings - into their own profile update. No public exploit code has been identified at time of analysis, but the attack is low-complexity and network-accessible for any authenticated user.
Insecure Direct Object Reference (IDOR) in Concrete CMS versions up to and including 9.5.0 enables unauthenticated remote attackers to cast fraudulent votes in restricted private surveys by submitting a private survey's optionID through the publicly accessible voting endpoint. The vulnerability is configuration-dependent - exploitation requires the target site to simultaneously host both public and private surveys - which the CVSS v4.0 vector encodes as AT:P (Attack Requirements: Present), moderately lowering the practical risk surface compared to a universally exploitable flaw. No public exploit code or active exploitation has been identified at time of analysis. Impact is limited to integrity: survey result manipulation with no confidentiality or availability consequence.
Unauthenticated page metadata disclosure in Concrete CMS 9.5.0 and below exposes private, draft, and restricted page details - including title, URL path, description, and author - to any remote attacker on sites with summary templates configured. The flaw stems from improper access control (CWE-284) where the summary template rendering pipeline bypasses page visibility restrictions entirely, making sensitive page structure visible without any credential. No active exploitation (CISA KEV) and no public exploit code have been identified at time of analysis; the CVSS v4.0 score of 6.3 with AT:P reflects that exploitation depends on a non-universal template configuration being present.
Unauthorized access to all Express form submissions is possible in Concrete CMS 9.5.0 and below through an Insecure Direct Object Reference (IDOR) in the Express Entry Detail block, exploitable by unauthenticated remote attackers who manipulate the exEntryID parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:N/UI:N) confirms network-accessible, unauthenticated exploitation, though the AT:P metric indicates a specific deployment precondition - the Express Entry Detail block must be in active use. No public exploit or CISA KEV listing has been identified at time of analysis; a vendor-released patch is available in the 9.5.1 release.
Unauthorized file download in Concrete CMS 9.5.0 and below exposes permission-restricted files via a broken authorization check in the file download controller. The submit_password() method in download_file.php processes file access without enforcing the view_file permission gate, producing two exploitable paths: any unauthenticated network actor can retrieve files that carry no password protection, and any actor who possesses a file's password can retrieve that file regardless of whether their account holds view_file permission. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Insecure Direct Object Reference (IDOR) in Concrete CMS 9.5.0 and earlier exposes the full content of any conversation message through an unauthenticated frontend API endpoint, including messages from restricted pages, member-only areas, and the moderation queue. Unauthenticated remote attackers can enumerate message records and harvest file attachment download URLs by querying `/ccm/frontend/conversations/message_page` without credentials. No public exploit code has been identified and no CISA KEV listing exists; however, the network-accessible unauthenticated attack vector (PR:N, AV:N) makes patching a priority for any public-facing installation using the Conversations feature.
Unauthenticated information disclosure in Concrete CMS 9.5.0 and earlier allows remote attackers to enumerate all conversation messages - including content from restricted pages, member-only areas, and the moderation queue - by exploiting a missing authorization check on the `/ccm/frontend/conversations/message_detail` endpoint. File attachment download URLs are also exposed, compounding the data leakage risk. No public exploit code or CISA KEV listing has been identified at time of analysis; however, the attack requires no credentials and no user interaction, making bulk enumeration trivial once the conversations feature is confirmed active.
Insecure Direct Object Reference (IDOR) in Concrete CMS 9.5.0 and earlier allows unauthenticated remote attackers to enumerate arbitrary conversation message IDs via the `/ccm/frontend/conversations/get_rating` endpoint, confirming message existence and leaking rating scores. The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:N/UI:N/VC:L) indicates no authentication is required but a prerequisite condition must be met - likely the Conversations module being enabled and publicly reachable. No public exploit has been identified and this CVE is not listed in CISA KEV, placing it in the low-priority tier despite its network-accessible nature.
{fID} endpoint without any credentials. The flaw combines CWE-862 (Missing Authorization) with a classic IDOR pattern on an integer file ID parameter, and is scored CVSS 4.0 at 6.3 (Medium) by the vendor with PR:N and AC:L, though the AT:P metric indicates that valid file IDs must exist for meaningful data to be returned. No public exploit code and no CISA KEV listing exist at time of analysis.
Improper authorization in NocoDB (npm/nocodb ≤ 0.301.3) allows unauthenticated network attackers holding only a shared-base UUID to enumerate base members and inject arbitrary email addresses as permanent authenticated base members. The invited account redeems the invite through the normal signup flow, obtains a persistent JWT scoped to the target base, and retains that access even after the base owner revokes the shared link - effectively converting ephemeral anonymous share access into durable authenticated membership. No public exploit code has been identified and there is no CISA KEV listing at time of analysis, but the absence of a released patch and the trivial exploitation prerequisites materially elevate operational risk beyond what the CVSS 5.8 score alone implies.
OAuth token scope enforcement is entirely absent at the ACL middleware layer in NocoDB (npm/nocodb ≤ 0.301.3), causing tokens issued with restricted scopes - such as MCP-only - to silently inherit the underlying authenticated user's full role across all routes. The per-base resource restriction (`granted_resources.base_id`) is additionally bypassed on org-level endpoints where `req.context.base_id` is never populated, rendering base-scoped token restrictions meaningless against workspace-level API calls. No public exploit has been identified at time of analysis, and no patched release has been confirmed despite a fix being described in the advisory.
Authorization bypass in mcp-server-kubernetes versions prior to 3.6.0 allows authenticated clients to invoke any Kubernetes tool - including destructive operations like kubectl_delete, exec_in_pod, and node_management - regardless of ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS, or ALLOWED_TOOLS restrictions. The controls were enforced only at the tools/list discovery layer, leaving tools/call unguarded, which effectively reduces operator-configured least-privilege policies to cosmetic filters. Publicly available exploit code exists (a single curl invocation reproduces it), and in cluster-admin deployments the flaw is equivalent to full cluster compromise for any client reaching the endpoint.
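The discovery-only enforcement described in this entry, as an added example that is not mcp-server-kubernetes code: a minimal tools/list and tools/call dispatcher in which the vulnerable version applies the operator policy only when listing tools, while the fixed version runs the same predicate on every call. Tool and setting names follow the entry; the tool metadata, request shapes and execution stub are constructed.

```python
# Added example (not the project's code): the same policy predicate must
# gate tools/call, not only tools/list. Metadata and handlers are stubs.
TOOLS = {
    "kubectl_get":      {"readonly": True,  "destructive": False},
    "kubectl_describe": {"readonly": True,  "destructive": False},
    "kubectl_apply":    {"readonly": False, "destructive": False},
    "kubectl_delete":   {"readonly": False, "destructive": True},
    "exec_in_pod":      {"readonly": False, "destructive": True},
    "node_management":  {"readonly": False, "destructive": True},
}


def tool_allowed(name, policy):
    """Single source of truth for the operator's restrictions."""
    meta = TOOLS.get(name)
    if meta is None:
        return False
    allowed_names = policy.get("ALLOWED_TOOLS")
    if allowed_names is not None and name not in allowed_names:
        return False
    if policy.get("ALLOW_ONLY_READONLY_TOOLS") and not meta["readonly"]:
        return False
    if policy.get("ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS") and meta["destructive"]:
        return False
    return True


def run_tool(name, args):
    """Constructed stand-in for actually executing a tool."""
    return {"tool": name, "args": args, "status": "executed"}


def handle_vulnerable(request, policy):
    """Policy filters the listing, but tools/call dispatches unconditionally."""
    method = request["method"]
    if method == "tools/list":
        return {"tools": [n for n in TOOLS if tool_allowed(n, policy)]}
    if method == "tools/call":
        p = request["params"]
        if p["name"] not in TOOLS:
            return {"error": "unknown tool"}
        return run_tool(p["name"], p.get("arguments", {}))  # no policy check
    return {"error": "unknown method"}


def handle_fixed(request, policy):
    """Same predicate applied at both discovery and dispatch."""
    method = request["method"]
    if method == "tools/list":
        return {"tools": [n for n in TOOLS if tool_allowed(n, policy)]}
    if method == "tools/call":
        p = request["params"]
        if not tool_allowed(p["name"], policy):
            return {"error": f"tool {p['name']!r} not permitted by policy"}
        return run_tool(p["name"], p.get("arguments", {}))
    return {"error": "unknown method"}


if __name__ == "__main__":
    policy = {"ALLOW_ONLY_READONLY_TOOLS": True}
    call = {"method": "tools/call",
            "params": {"name": "kubectl_delete", "arguments": {"ns": "prod"}}}
    print("vulnerable:", handle_vulnerable(call, policy))
    print("fixed:     ", handle_fixed(call, policy))
```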
Improper cache key generation in SpiceDB's dispatch layer allows authorization bypass when caveat structures use nested lists. Affected versions (v1.15.0 through v1.51.x) generate colliding cache keys due to non-deterministic serialization of nested list structures in caveat contexts, causing the system to erroneously serve a cached positive authorization result in place of a correct negative one. No public exploit code has been identified at time of analysis, and this vulnerability is not currently listed in the CISA KEV catalog, but exploitation is structurally straightforward for any party with the ability to send crafted CheckBulkPermission or LookupResources requests to a misconfigured deployment.
Authentication bypass in Fission (Kubernetes serverless framework) versions 1.22.0 and earlier allows unauthenticated remote callers reaching the public router (svc/router, port 8888) to invoke any Function object by guessing its metadata.name and namespace via the /fission-function/<ns>/<name> route, completely bypassing HTTPTrigger host, path, method, and method-allow-list restrictions. The flaw also enables function-name enumeration and crosses tenant boundaries in multi-tenant deployments; no public exploit has been identified at time of analysis, though the fix commits and root-cause analysis are public on GitHub.
Unauthenticated archive CRUD in Fission's storagesvc (≤ v1.22.0) lets any in-cluster workload list, download, replace, or delete function deployment archives across all tenants by hitting the ClusterIP-exposed /v1/archive and /v1/archives endpoints. Because uploaded archives are later fetched and executed by function specialization, the flaw escalates from a tenant data-exposure issue to in-cluster code execution. No public exploit has been identified at time of analysis, but the trivial HTTP pattern and lack of auth middleware make weaponization straightforward for any attacker with a foothold pod.
Missing capability check in GSheet For Woo Importer (WordPress plugin, all versions through 2.3.1) allows authenticated attackers with Subscriber-level access to invoke the process_ajax_restore_action() AJAX function and permanently delete the plugin's Google Sheets API token and associated configuration options. This disrupts WooCommerce product import workflows dependent on the Google Sheets integration. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Open ISES Tickets exposes a hardcoded Google Maps API key committed directly to its public GitHub source repository in tables.php, affecting all versions before 3.44.2. Any party with read access to the repository - effectively the entire internet - can extract the key and authenticate to Google Maps Platform as the application owner, generating API usage billed against the victim's Google Cloud project. No public exploit has been identified at time of analysis, but the SSVC framework rates this as automatable with partial technical impact, and the v3.44.2 release notes confirm the key is one of five hardcoded secrets removed in a batch of 88 security fixes.
Hardcoded Google Maps API key exposure in Open ISES Tickets before v3.44.2 enables any party with read access to the public GitHub repository to extract a valid API credential from settings.inc.php and issue arbitrary Google Maps Platform requests billed against the victim organization's Google Cloud project. All versions from the initial release up to (but not including) 3.44.2 are affected per CPE cpe:2.3:a:open_ises:tickets:*:*:*:*:*:*:*:*. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV, but exploitation requires only the ability to read a publicly hosted source file - effectively zero technical barrier for any motivated actor.
Open ISES Tickets before v3.44.2 exposes a hardcoded WhitePages reverse-phone API key committed directly into the public source file wp1.php, making it trivially accessible to any actor who can read the repository. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) reflects that no authentication or special conditions are required - extraction is as simple as reading a publicly hosted source file. Impact is bounded to third-party API abuse: an attacker can use the stolen key to make WhitePages lookups billed to or rate-capped against the legitimate owner's account. No public exploit has been identified at time of analysis, and this CVE is not listed in CISA KEV, though the passive nature of the exposure means any observer of the repository may already possess the key.
Credential exposure in Open ISES Tickets versions prior to 3.44.2 allows remote attackers to obtain valid MySQL database connection parameters (host, username, password, database name) hardcoded in import_mdb.php and committed to the public source repository. Any attacker who can read the public GitHub source can extract these credentials and attempt to authenticate against deployed installations that retained the default values, with no public exploit identified at time of analysis.
Hardcoded MySQL credentials in Open ISES Tickets before 3.44.2 expose the database username, password, and database name through a public-facing loader.php utility that was committed to the source repository. Any user able to read the source tree on GitHub or fetch the file from a deployed installation can connect to the backing database if it is reachable, leading to full read/write access. No public exploit has been identified at time of analysis, but the credentials are trivially recoverable from the source tree.
Broken access control in the HAPPY WordPress helpdesk and support ticket plugin (versions through 1.0.10) by VillaTheme permits unauthenticated remote attackers to invoke restricted plugin functionality without any authorization check. The vulnerability stems from missing authorization gates on plugin endpoints, classified under CWE-862, enabling limited integrity and availability impact against affected WordPress installations. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
KVM read-only execution isolation bypass in klever-go allows a low-privileged smart contract actor to commit irreversible contract deletion side effects through the `ExecuteReadOnlyWithTypedArguments` hook, violating the expected non-mutating guarantee of read-only calls. Affected are all deployments of klever-go prior to v1.7.17 where smart contract workflows invoke callees through read-only execution paths. A confirmed proof-of-concept was included with the original disclosure, demonstrating that `DeletedAccounts` in VM output transitions from zero entries to one after a read-only nested call - no public exploit is separately circulating and CISA KEV listing is not confirmed at time of analysis.
Unauthorized data disclosure in PosCube QR Menu (all versions through 21052026) allows remote attackers to access other users' restaurant menu data by manipulating user-controlled identifiers in requests. The flaw is an Insecure Direct Object Reference (IDOR) reachable over the network without authentication, and no public exploit has been identified at time of analysis. Reported by Turkey's national CERT (TR-CERT), with the vendor unresponsive to disclosure outreach.
Authentication bypass in Digital Operations Services Inc. WifiBurada (all versions through 21052026) allows authenticated remote attackers to access private personal information and credentials belonging to other users due to insufficient credential protection. The flaw, reported by TR-CERT and tracked as EUVD-2025-209910, carries a CVSS 7.1 score with high confidentiality impact; no public exploit has been identified at time of analysis and the vendor has not responded to disclosure attempts.
Externally Controlled Reference to a Resource in Another Sphere and Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the operator namespace. This issue affects Apache Camel K: from 2.0.0 before 2.8.1, from 2.9.0 before 2.9.2, from 2.10.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1 (or 2.8.1 or 2.9.2), which fixes the issue.
Incorrect view selection in PowerDNS Authoritative Server when processing TCP PROXY protocol requests exposes DNS records intended for a different network segment to remote unauthenticated attackers, producing both unauthorized information disclosure and limited integrity impact. Deployments running split-horizon DNS via the Views feature alongside TCP PROXY protocol support are the specific affected population. No public exploit has been identified at time of analysis, and active exploitation has not been confirmed by CISA KEV; however, the attack concept requires no authentication and no user interaction, making it relevant wherever both features are co-deployed.
Missing authorization in the CF7 WOW Styler WordPress plugin (versions through 1.7.6) permits unauthenticated remote attackers to perform restricted administrative actions due to absent capability checks on one or more plugin endpoints. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no credentials and no user interaction, making it trivially reachable on any publicly exposed WordPress site running the affected plugin. Impact is limited to low-integrity writes (C:N/I:L/A:N), but no public exploit or CISA KEV entry has been identified at time of analysis.
Authentication bypass in Netatalk 2.2.2 through 4.4.2 allows attackers with high-privileged admin auth user credentials to circumvent authentication controls in this open-source AFP (Apple Filing Protocol) server implementation. The flaw, tracked as EUVD-2026-31234 and tagged as an Authentication Bypass weakness, carries a CVSS 7.2 (High) score and is fixed in version 4.5.0; no public exploit has been identified at time of analysis.
Incorrect authorization in Mattermost Playbooks (versions 11.5.0-11.5.1) allows any authenticated team member to create playbook runs in teams where they hold no run_create permission, by supplying an arbitrary team ID in the run creation API request. The server validates permissions only against the user's originating context rather than the target team specified in the payload, a classic authorization bypass rooted in CWE-863. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code is identified at time of analysis, but the low attack complexity makes this trivially exploitable by any authenticated insider or compromised account.
Missing post-response authorization filtering in MLflow's self-hosted server exposes all registered model version metadata to any authenticated user, regardless of their per-model permission level. Both the REST API endpoint `SearchModelVersions` and the GraphQL query `mlflowSearchModelVersions` were absent from the authorization middleware chains in versions up to 3.9.0, allowing a low-privilege authenticated user to enumerate model names, version descriptions, source artifact URIs, tags, and other metadata across all registered models in multi-tenant deployments. No public exploit has been identified at time of analysis; the vendor-released patch is confirmed in version 3.10.0.
Insecure Direct Object Reference in the Broadstreet WordPress plugin (all versions through 1.52.2) allows any authenticated user with Subscriber-level access to read arbitrary private post metadata by supplying a user-controlled key to the get_sponsored_meta AJAX endpoint without server-side authorization checks. The vulnerability stems from a missing object-level authorization check (CWE-639), a common class of flaw in WordPress plugin AJAX handlers. No public exploit code or active exploitation has been identified at time of analysis, and a patched version (1.53.2) is available via the WordPress plugin repository.
A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's identifier can interact with that workspace's search index, crossing tenant boundaries. Successful exploitation allows reading a workspace's indexed contents (such as component data, project and folder names, and user metadata) and injecting, modifying, or deleting search index entries. These operations affect the search index only, not the underlying vault data, but they can disclose sensitive workspace information and compromise the integrity and availability of search results. Altium 365 cloud deployments are affected; on-premise Altium Enterprise Server is not affected.
Authentication bypass in authentik identity provider allows attackers with an account on a federated SAML Source to impersonate arbitrary users by injecting an XML comment into the NameID value of a signed SAML assertion. Affected versions are 2025.12.4 and prior, plus 2026.2.0-rc1 through 2026.2.2; the GitHub Security Advisory GHSA-9wj8-xv4r-qwrp confirms the issue with a CVSS 8.7 (High) score, and no public exploit is identified at time of analysis though the upstream commit and a regression test demonstrate the truncation behavior.
Authentication bypass in Taiko AG1000-01A SMS Alert Gateway (Rev 7.3 and Rev 8) lets remote attackers reach the embedded web configuration interface without any login, granting full administrative read and write access over alarm routing and device settings. The CVSS 4.0 score of 9.3 reflects unauthenticated network exploitation with high impact on confidentiality, integrity, and availability, and a public technical write-up exists on Medium alongside a VulnCheck advisory, though no public exploit has been identified at time of analysis.
Authentication bypass in the Taiko AG1000-01A SMS Alert Gateway (Rev 7.3 and Rev 8) allows unauthenticated remote attackers to recover hard-coded administrative credentials by viewing the page source of login.zhtml, because the validate() function performs credential checking entirely client-side. With a CVSS 4.0 base score of 9.3 (AV:N/AC:L/PR:N/UI:N) and a VulnCheck advisory plus a public Medium write-up, the flaw is trivially exploitable, though no packaged public exploit has been identified at time of analysis and the device is not currently listed in CISA KEV.
Same-origin policy bypass in Google Chrome's Service Worker subsystem (all versions prior to 148.0.7778.179) allows remote unauthenticated attackers to read cross-origin data by luring a victim to a crafted HTML page. The flaw originates from insufficient policy enforcement (CWE-693) within the Service Worker layer, enabling unauthorized access to confidential data across origins. No public exploit code has been identified and no active exploitation is confirmed; Google has shipped a fix in stable channel version 148.0.7778.179.
Authentication bypass in Trilium Notes Desktop (Electron build) versions 0.102.1 and earlier allows remote unauthenticated attackers on the same network to access the Clipper API and read or manipulate notes without any credentials. The Electron runtime detection explicitly disables auth middleware on endpoints like /api/clipper/notes and on the handshake endpoint, which fingerprints the application. No public exploit has been identified at time of analysis, but the vendor advisory GHSA-jcvx-vc83-cppw confirms the issue and the fix shipped in 0.102.2.
{wikiName} REST endpoint, which was missing authorization checks. Affects all releases prior to 16.10.17, 17.4.9, 17.10.3, 18.0.1, and 18.1.0-rc-1. CVSS 4.0 base score is 9.3 (critical) with no public exploit identified at time of analysis, but the patch commit clearly exposes the trivial nature of the bypass.
HTML sanitizer bypass in CryptPad's Diffmarked.js allows remote unauthenticated attackers to inject arbitrary HTML into collaborative documents, completely defeating the platform's bounce sandboxing mechanism. All CryptPad versions prior to 2026.2.0 are affected; the CVSS scope change (S:C) reflects that exploitation crosses sandbox boundaries, enabling link injection and delivery of malicious interactive content to any user who opens a crafted document. No public exploit code has been identified at time of analysis and this CVE is not listed in CISA KEV, though the attack vector is network-accessible with no authentication required.
Insecure Direct Object Reference in MISP 2.5.0 through 2.5.37 allows authenticated users with shadow attribute submission privileges to overwrite arbitrary existing ShadowAttribute records by supplying a target id within the add proposal request. The framework's ORM interprets a client-supplied primary key as an update directive, breaking the boundary between proposal creation and modification. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV.
Improper authentication on an undocumented administrative endpoint in ArcGIS Server 11.1 through 12.0 allows unauthenticated remote attackers to disrupt the web-based browsing interface by sending a crafted HTTP request. The vulnerability is classified as CWE-287 and carries a CVSS 5.3 medium score, reflecting network-reachable, zero-privilege exploitation offset by limited impact (integrity only, no confidentiality or availability loss). No public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Unauthorized data disclosure in Splunk AI Toolkit versions below 5.7.3 allows authenticated low-privileged users to bypass srchFilter-based access controls and read confidential data scoped to more restricted custom roles. The flaw stems from the Splunk platform's behavior of combining inherited search filters via the OR SPL operator, causing the permissive filter injected by the AI Toolkit's authorize.conf to override stricter filters on child roles. No active exploitation has been confirmed (not in CISA KEV) and no public exploit has been identified at time of analysis, but the CVSS confidentiality impact is rated High, making this a meaningful data exposure risk in multi-tenant or compliance-sensitive Splunk deployments.
Account takeover via IdP linking proof reuse in Red Hat Build of Keycloak allows an authenticated attacker with an account on the same external Identity Provider to hijack another user's local Keycloak account. The cross-session verification proof generated during the IdP account linking flow is scoped only to the tuple (local userId, idpAlias) and is not cryptographically bound to the specific upstream identity that completed verification, enabling a second IdP account - controlled by the attacker - to consume that proof and become linked to the victim's local account. No public exploit has been identified at time of analysis and the flaw is not listed in the CISA KEV catalog, though the high Confidentiality and Integrity impact (CVSS C:H/I:H) reflects the severity of a successful account takeover.
Authentication bypass in Cisco Secure Workload allows unauthenticated remote attackers to invoke internal REST API endpoints and act with Site Admin privileges across tenant boundaries. The flaw carries a maximum CVSS 10.0 score with a changed scope and full CIA impact, and no public exploit has been identified at time of analysis. Successful exploitation enables reading sensitive tenant data and modifying configuration globally, making this a critical-priority issue for any organization running affected versions.
Account takeover in MISP's OidcAuth plugin (versions 2.5.0 through 2.5.37) enables an unauthenticated attacker holding a valid OIDC token from an insecure or untrusted IdP to authenticate as any local MISP user whose account has a NULL stored `sub` value. The vulnerability arises because the plugin unconditionally trusted the OIDC email claim to link identities to existing local accounts without verifying email ownership, bypassing authentication controls entirely (CWE-287). No public exploit has been identified and the vulnerability is not listed in CISA KEV; the CVSS 4.0 score of 6.0 reflects adjacent network vector and high complexity conditions that constrain realistic exposure.
Cross-session PubSub topic injection in phoenix_storybook (versions 0.4.0 through before 1.1.0) allows a remote unauthenticated attacker to redirect a victim's playground control messages to an attacker-controlled LiveView iframe process. The vulnerability exists because ComponentIframeLive reads the PubSub coordination topic verbatim from a URL query parameter with no session-binding validation, enabling an attacker who loads a crafted iframe URL to hijack variation state changes, theme switches, and extra-assign payloads intended for a victim's active playground session. No public exploit code exists and no CISA KEV listing is present; the CVSS 4.0 score of 2.3 reflects genuinely low severity given the prerequisites required.
HCL DominoIQ's Retrieval-Augmented Generation (RAG) feature fails to enforce document-level access controls when processing AI queries, allowing authenticated low-privileged users to retrieve sensitive Domino documents they are not authorized to view. Affecting the AI query subsystem of HCL DominoIQ, this broken access control flaw carries a CVSS 6.5 with High confidentiality impact, reflecting meaningful data exposure risk in enterprise Domino deployments. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.
Broken access control in the WpBookingly WordPress plugin (Magepeople Inc.) through version 1.2.9 enables network-authenticated high-privilege users to perform unauthorized integrity and availability-impacting actions against the booking management system. Rooted in CWE-862 (Missing Authorization), the plugin fails to enforce proper authorization checks on one or more endpoints, allowing exploitation of incorrectly configured access control levels. No public exploit code has been identified at time of analysis, and this CVE does not appear in the CISA KEV catalog.
Missing Authorization in the Image Photo Gallery Final Tiles Grid WordPress plugin (by WP Chill) allows low-privileged authenticated attackers to exploit incorrectly configured access control, resulting in unauthorized read access to restricted data. All plugin versions through 3.6.11 are affected per NVD and Patchstack. No public exploit has been identified at time of analysis, and the limited confidentiality impact (C:L) and authentication requirement (PR:L) constrain the real-world blast radius, though the vulnerability remains a valid risk for multi-tenant or shared-access WordPress deployments.
Missing authorization in PDF for Elementor Forms + Drag And Drop Template Builder (WordPress plugin by ADD-ONS.ORG) allows an authenticated low-privilege user to exploit incorrectly configured access control security levels, resulting in unauthorized integrity modifications with changed scope. All plugin versions through 5.5.1 are affected. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV, placing this in a monitor-and-patch priority tier rather than emergency response.
Privilege escalation in Mesalvo Meona Client Launcher and Server components allows a low-privileged authenticated user to gain access to the administrative panel due to improper access control enforcement. The flaw affects Meona Client Launcher Component through build 19.06.2020 15:11:49 and Meona Server Component through 2025.04 5+323020, and is tagged as an Authentication Bypass with no public exploit identified at time of analysis. The high CVSS score of 7.8 reflects full confidentiality, integrity, and availability impact once a normal user account is leveraged to escalate privileges.
Authenticated privilege escalation in the AcyMailing WordPress plugin (versions up to and including 10.8.2) allows users with subscriber-level access or higher to modify privileged plugin configuration and export subscriber secret keys. By chaining these missing authorization flaws with knowledge of an administrator's email address, attackers can achieve full administrator account takeover. No public exploit has been identified at time of analysis, but Wordfence - the reporting party - typically tracks WordPress plugin abuse closely.
Quick Facts
- Typical Severity: CRITICAL
- Category: auth
- Total CVEs: 9454