CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.14)
Capgo versions before 12.128.2 contain an improper access control vulnerability in the public.get_org_members RPC function that allows unauthenticated attackers to enumerate organization members. Attackers can invoke the endpoint using only the public sb_publishable_* key and an organization UUID to retrieve sensitive member information including email addresses, user IDs, roles, and pending invitations.
Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to elevate privileges from admin to super_admin. Attackers can exploit the insufficient RLS enforcement to gain unauthorized super_admin access.
Capgo before 12.128.2 contains an unauthenticated RPC function get_identity_apikey_only that returns the owning user_id for supplied API keys. This creates an API key validity oracle and user identity disclosure primitive.
Capgo before version 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which performs sensitive billing operations without enforcing internal authorization checks. The function runs with the owner's privileges, bypassing Row Level Security.
Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions.
Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access build jobs belonging to different applications by supplying a mismatched app_id and job_id combination.
The vulnerability in picklescan before version 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to bypass scanning and execute arbitrary code when a malicious pickle file is loaded via pickle.load().
A vulnerability in picklescan before version 0.0.30 allows bypassing detection of malicious pickle files. Attackers can use the idlelib.pyshell.ModifiedInterpreter.runcommand method in reduce functions to hide code that executes remote commands when the file is loaded by the victim.
Picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. Attackers can craft pickle files that import dangerous libraries like os and execute arbitrary system commands.
The vulnerability in picklescan before version 0.0.28 fails to detect malicious pickle files that invoke the torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply chain attacks.
A vulnerability has been detected in BerriAI litellm up to version 1.82.2, affecting the ui_view_users function in the litellm/proxy/management_endpoints/internal_user_endpoints.py file. This issue is a result of an incomplete fix for CVE-2025-0628, leading to improper authorization.
A weakness has been identified in BerriAI litellm up to version 1.82.2, concerning the function load_openapi_spec_async. Manipulation of the argument spec_path leads to server-side request forgery.
A security flaw has been discovered in BerriAI litellm up to version 1.82.5 in the async_pre_call_hook function of the enterprise/enterprise_hooks/banned_keywords.py file. Manipulation of the prompt argument results in incorrect authorization, which can be exploited in remote attacks.
A vulnerability was identified in BerriAI litellm up to version 1.82.2, impacting the function get_redirect_response_from_openid in the file litellm/proxy/management_endpoints/ui_sso.py of the SSO Authentication Flow component. Manipulation leads to session expiration.
A vulnerability was determined in BerriAI litellm up to version 1.82.2, affecting the function json.dumps in the file litellm/proxy/management_endpoints/ui_sso.py of the SSO Debug Flow component. Manipulating this function can lead to missing authentication.
A vulnerability was identified in ILIAS Learning Management System 11.0 affecting the function ilTrQuery::executeQueries in the file components/ILIAS/Tracking/classes/class.ilTrQuery.php. Manipulation of the argument troup_table_nav leads to SQL injection.
A vulnerability was identified in the ADP platform by zhilink (深圳)科技有限公司 version 1.0.0, affecting unknown code in the file /adpweb/a/base/barcodeDetail/import related to the XML parser. This manipulation leads to the exploitation of XML external entity references, allowing for remote attacks.
A vulnerability was found in the ADP Application Developer Platform version 1.0.0, affecting an unknown part of the testConnection Endpoint component. Manipulation of the jdbcUrl argument results in deserialization.
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to version 9.76, affecting some unknown functionality in the library bootpt64.sys of the Kernel Driver component. Manipulation leads to improper access controls.
In the Linux kernel, a vulnerability in ksmbd was found where the conn->binding flag remained set after SESSION_SETUP, allowing global session lookup for connections not bound to that session. The fix tightens the global lookup to require the session to have the connection registered in its channel xarray.

