High
CVSS: 8.4
In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n…
High
CVSS: 7.7
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User i…
High
CVSS: 7.1
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that tar…
Medium
CVSS: 6.9
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID param…
Medium
CVSS: 4.3
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary…
Medium
CVSS: 6.7
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers (such as X-Trusted-Proxy and…
Medium
CVSS: 6.7
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when…
Medium
CVSS: 6.0
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypas…
High
CVSS: 7.5
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentica…
Critical
CVSS: 9.8
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows a…
Medium
CVSS: 4.3
Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`weblate/api/views.py`, line 2831) uses `queryset = Addon.objects.all()` without overriding `get_queryset()` to scope results by user permissi…
Medium
CVSS: 4.9
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, `posts_nearby` was checking topic access but then returning all posts regardless of type, including whispers that should only be visible t…
High
CVSS: 8.4
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script.
All instances after January 30th, 202…
Medium
CVSS: 5.7
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the FHIR CareTeam resource endpoint allows patient-scoped FHIR tokens…
Medium
CVSS: 6.5
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
This vulnerability is due to insufficient file system access restrictions. An attacker…
High
CVSS: 7.1
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This…
Medium
CVSS: 4.5
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizat…
Medium
CVSS: 6.5
Improper
access control in multiple DVLS REST API endpoints in Devolutions
Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data.
Low
CVSS: 2.3
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint (disabled by default) allows users to retrieve a list of objects associated with a speci…
Medium
CVSS: 5.3
A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function download_controller of the file /backend/app/api/v1/module_common/file/controller.py of the component Download Endpoint. This manipulation of…