Search Results (12851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-40866 1 Horilla 1 Horilla 2026-04-22 N/A
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload request. This enables unauthorized modification of HR records.
CVE-2026-40865 1 Horilla 1 Horilla 2026-04-22 N/A
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR files such as identity documents, contracts, certificates, and other private employee records.
CVE-2026-40867 1 Horilla 1 Horilla 2026-04-22 N/A
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, a broken access control vulnerability in the helpdesk attachment viewer allows any authenticated user to view attachments from other tickets by changing the attachment ID. This can expose sensitive support files and internal documents across unrelated users or teams.
CVE-2026-40874 1 Mailcow 1 Mailcow Dockerized 2026-04-22 N/A
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, no administrator verification takes place when deleting Forwarding Hosts with `/api/v1/delete/fwdhost`. Any authenticated user can call this API. Checks are only applied for edit/add actions, but deletion can still significantly disrupt the mail service. Version 2026-03b fixes the vulnerability.
CVE-2025-43404 1 Apple 2 Macos, Macos Tahoe 2026-04-22 3.3 Low
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
CVE-2025-43527 1 Apple 1 Macos 2026-04-22 7.8 High
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to gain root privileges.
CVE-2025-43416 1 Apple 3 Macos, Macos Sequoia, Macos Sonoma 2026-04-22 9.8 Critical
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.
CVE-2025-43518 1 Apple 3 Macos, Macos Sequoia, Macos Sonoma 2026-04-22 3.3 Low
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, watchOS 26.2. An app may be able to inappropriately access files through the spellcheck API.
CVE-2025-46282 1 Apple 3 Macos, Macos Tahoe, Safari 2026-04-22 5.5 Medium
The issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to access sensitive user data.
CVE-2025-46292 1 Apple 3 Ios, Ipados, Iphone Os 2026-04-22 5.5 Medium
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.
CVE-2025-46288 1 Apple 9 Ios, Ipad Os, Ipados and 6 more 2026-04-22 5.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive payment tokens.
CVE-2026-40946 1 Oxia-db 1 Oxia 2026-04-22 N/A
Oxia is a metadata store and coordination system. Prior to 0.16.2, the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience (aud) claim validation at the library level. This allows tokens issued for unrelated services by the same OIDC issuer to be accepted by Oxia. This vulnerability is fixed in 0.16.2.
CVE-2026-3461 2 Visaacceptancesolutions, Wordpress 2 Visa Acceptance Solutions, Wordpress 2026-04-22 9.8 Critical
The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the `express_pay_product_page_pay_for_order()` function logging users in based solely on a user-supplied billing email address during guest checkout for subscription products, without verifying email ownership, requiring a password, or validating a one-time token. This makes it possible for unauthenticated attackers to log in as any existing user, including administrators, by providing the target user's email address in the billing_details parameter, resulting in complete account takeover and site compromise.
CVE-2026-6201 1 Codeastro 1 Online Job Portal 2026-04-22 5.4 Medium
A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipulation of the argument ID leads to improper access controls. The attack can be launched remotely. The exploit is publicly available and might be used.
CVE-2026-6588 1 Serge-chat 1 Serge 2026-04-22 6.5 Medium
A weakness has been identified in serge-chat serge up to 1.4TB. The impacted element is the function download_model/delete_model of the file api/src/serge/routers/model.py of the component Model API Endpoint. Executing a manipulation can lead to missing authentication. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-6577 1 Liangliangyy 1 Djangoblog 2026-04-22 7.3 High
A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulation leads to missing authentication. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-6609 1 Liangliangyy 1 Djangoblog 2026-04-22 6.3 Medium
A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This manipulation of the argument oauthid causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-6492 1 Arnobt78 1 Hotel Booking Management System 2026-04-22 5.3 Medium
A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of the component Health Check Endpoint. Performing a manipulation results in information disclosure. Remote exploitation of the attack is possible. The exploit is now public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-6612 2 Superagi, Transformeroptimus 2 Superagi, Superagi 2026-04-22 6.3 Medium
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/update_agent_execution of the file superagi/controllers/agent_execution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agent_execution_id can lead to authorization bypass. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-6561 1 Eyoucms 1 Eyoucms 2026-04-22 4.7 Medium
A vulnerability was detected in EyouCMS up to 1.7.1. This issue affects the function edit_adminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.