Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.9 MEDIUM
CVE-2026-56327 — Capgo - Unauthenticated Organization Existence Oracle via public.invite_user_to_org RPC

Capgo before 12.128.2 contains an information disclosure vulnerability in the public.invite_user_to_org RPC function that allows unauthenticated attackers to enumerate organization existence by obser…

Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.1 HIGH
CVE-2026-56320 — Capgo - Org/App Scope Mismatch in Device Creation Endpoint

Capgo before 12.128.2 contains an authorization flaw in POST /private/create_device that accepts a caller-supplied org_id parameter without validating it matches the target app's owner organization. …

Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.9 MEDIUM
CVE-2026-56318 — Capgo - Information Disclosure via /private/validate_password_compliance Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validate_password_compliance endpoint that returns different error responses for malformed, non-existent, and ex…

Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.7 HIGH
CVE-2026-56300 — Capgo - Unauthenticated API Key Validity and Permission Oracle via RPC Functions

Capgo before 12.128.2 contains unauthenticated security definer RPC functions get_user_id and get_org_perm_for_apikey that expose API key validity oracles and user UUID disclosure. Unauthenticated at…

Remote | Authentication
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.1 HIGH
CVE-2026-56286 — Capgo - Account Deletion Without Password Confirmation

Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that allows deletion without password re-authentication or secondary verification. Attackers can…

Remote | Authentication
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.3 CRITICAL
CVE-2026-56278 — Flowise - Session Hijacking via Weak Default Express Session Secret

Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded default secret ('flowise') for the express-session middleware when the EXPRESS_SESSION_SECRET environment variable is…

flowise | Remote | Authentication
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.9 MEDIUM
CVE-2026-56277 — Flowise - Hardcoded CORS Wildcard in TTS Endpoint

Flowise before 3.1.2 sets Access-Control-Allow-Origin to a hardcoded wildcard (*) on its text-to-speech (TTS) generation endpoint (packages/server/src/controllers/text-to-speech/index.ts), independen…

flowise | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.2 CRITICAL
CVE-2026-56264 — Crawl4AI - Arbitrary JavaScript Execution via /execute_js Endpoint

Crawl4AI before 0.8.7 contains an arbitrary JavaScript execution vulnerability in the Docker API server's /execute_js endpoint, which accepts and executes arbitrary user-supplied JavaScript in the se…

crawl4ai | Remote | Authentication
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.6 HIGH
CVE-2026-56249 — Capgo - Unauthorized Channel Overwrite and Ownership Takeover via POST /channel Name Coll…

Capgo before 12.128.2 contains an authorization bypass vulnerability in the channel creation endpoint that allows authenticated users to overwrite existing channels by reusing their names. Attackers …

Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.8 HIGH
CVE-2026-56247 — Capgo - Privilege Escalation via Cross-Scope RBAC Role Assignment

Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope without validating role scope compatibility, including to pending invitees. Attackers can pre-seed malformed high-…

Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.7 HIGH
CVE-2026-56233 — Capgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload Proxy

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append tr…

Remote | Path Traversal
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.8 HIGH
CVE-2026-56230 — Capgo - Broken Object Level Authorization via x-limited-key-id Header

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey() that accepts the client-controlled x-limited-key-id header without validating ownership, allowing a…

Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.4 MEDIUM
CVE-2026-56224 — Capgo - Login CSRF and Session Fixation via URL Query Parameters

Capgo console.capgo.app/login before 12.128.2 accepts access_token and refresh_token in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious li…

Remote | Authentication
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.7 HIGH
CVE-2026-56219 — Capgo - Unauthenticated RBAC Bindings and Email Disclosure via get_org_user_access_rbac N…

Capgo before 12.128.2 contains a NULL-auth bypass vulnerability in the public.get_org_user_access_rbac function that allows unauthenticated attackers to retrieve RBAC role bindings and member email a…

Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.3 CRITICAL
CVE-2026-55721 — SQL Injection in StoneFly Storage Concentrator

Storage Concentrator (SC & SCVM) is vulnerable to SQL injection through cookie values processed by the login.pl and debug.pl scripts. The cookie value is incorporated directly into database queries w…

storage_concentrator | Remote | Injection
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.3 MEDIUM
CVE-2026-55223 — c3p0 exposes a deserialization "sink" via JDBC DataSource bean properties

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.get…

Remote | Injection
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
3.7 LOW
CVE-2026-54696 — Ruby JSON: JSON generator heap buffer overflow when streaming to an IO

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming…

javascript_object_notation | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.2 HIGH
CVE-2026-54673 — electron-updater: Cross-origin redirect leaks `PRIVATE-TOKEN` and mixed-case `Authorizati…

electron-updater allows for automatic updates for Electron apps. Prior to 9.7.0, the HTTP redirect handler (HttpExecutor.prepareRedirectUrlOptions) only stripped a credential header whose key string …

Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-54672 — electron-updater: Uncontrolled search path elements within `AppImage` built by `app-build…

electron-updater allows for automatic updates for Electron apps. Prior to 26.15.0, AppImage targets built by app-builder-lib could use an empty path component when setting the LD_LIBRARY_PATH environ…

| Path Traversal
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
7.5 HIGH
CVE-2026-52198 — UTT nv518G Buffer Overflow

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_425994 component

Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
Showing 20 of 8017 Results