CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-57957
Medium

A vulnerability in Papermark up to version 0.22.0 is caused by a CORS misconfiguration, allowing unauthenticated remote attackers to perform credentialed cross-origin requests. Attackers exploit the TUS-based viewer upload endpoint that reflects arbitrary request Origins with Access-Control-Allow-Credentials set to true.

CVE-2026-57956
Medium

A vulnerability in SigNoz through version 0.130.1 allows authenticated users to access alert rules of other organizations by supplying a target rule UUID, as the alert rule store predicates fail to filter by organization ID. This enables bypassing multi-tenant access controls.

CVE-2026-57955
High

A SQL injection vulnerability in SigNoz through version 0.130.1 allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of alert-history endpoints. Attackers can read all stored traces, logs, and metrics, or abuse the url() function for server-side request forgery (SSRF).

CVE-2026-57954
Medium

Vulnerability in Elide through version 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across all rows via both JSON:API and GraphQL read paths.

CVE-2026-57953
Medium

A vulnerability in Mythic before version 3.4.0.60 allows authenticated spectator-role users to bypass authorization and perform unauthorized write operations. Attackers can exploit the misconfigured eventing_import_automatic_webhook endpoint to create and delete automation workflows.

CVE-2026-57952
Medium

Mythic before version 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpoints with a known payload UUID from another operation to access that operation's C2 profile configuration including encryption keys and callback parameters.

CVE-2026-57951
Medium

A vulnerability in Mythic before version 3.4.0.60 is caused by a broken Hasura permission filter on the payload_build_step table with an always-satisfied _or condition that bypasses operation-scoped access controls. Authenticated operators and spectators can query payload_build_step to read step_stdout, step_stderr, step_name, and step_description across all operations on the server.

CVE-2026-57950
High

A broken access control vulnerability in ruoyi-vue-pro through version 2026.05 (fixed in commit 5d1fd70) in ErpSaleOrderController allows attackers with erp:sale-out permissions to gain unauthorized access to sale order operations by exploiting incorrect permission namespace enforcement. Attackers can perform unauthorized create, update, delete, and read operations on financially sensitive sale orders.

CVE-2026-57949
Medium

A missing authorization vulnerability in the CRM module of ruoyi-vue-pro (up to version 2026.05, fixed in commit c779a47) exists in the GET /admin-api/crm/follow-up-record/get endpoint. Authenticated users can read any follow-up record by iterating sequential numeric IDs.

CVE-2026-57948
Medium

Pinpoint through version 3.1.0 contains an insecure session management vulnerability where the pinpointJwt session cookie lacks HttpOnly and Secure attributes. This allows attackers to access the cookie via JavaScript (document.cookie) and transmit it in cleartext over HTTP.

CVE-2026-57947
High

An SSRF vulnerability in Pinpoint through version 3.1.0 allows authenticated users to register internal URLs in the webhook registration endpoint due to missing SSRF protection. Attackers can trigger alarm threshold breaches to force the server to send POST requests to internal hosts and metadata endpoints, enabling unauthorized access to internal network resources.

CVE-2026-57946
Low

A broken access control vulnerability in Invidious before version 2.20260626.0 allows unauthenticated attackers to retrieve private playlist contents via the RSS feed playlist endpoint. Attackers can supply a playlist ID to obtain the full playlist contents, owner email address, and associated video entries without authentication.

CVE-2026-57945
Medium

A broken access control vulnerability in PhotoPrism before version 260601-a7d098548 allows authenticated non-admin users to modify other users' profile information. The missing session-to-user identifier validation in the PUT users API endpoint enables attackers to overwrite another user's profile details without authorization.

CVE-2026-57943
Medium

A vulnerability in LibrePhotos before version 1.0.0 in the SetPhotosShared endpoint allows authenticated users to bypass ownership validation and grant themselves access to other users' private photos. Attackers can manipulate shared_to relations without proper owner checks to read arbitrary private photos.

CVE-2026-57942
Medium

LibreTranslate through version 1.9.7 has an IP spoofing vulnerability in the get_remote_address() function. An unauthenticated attacker can inject arbitrary values into the X-Forwarded-For header, bypassing per-IP rate limiting and flood bans.

CVE-2026-56783
Medium

Parseable before version 2.9.2 exposes webhook tokens and basic-auth credentials in cleartext via notification-target API endpoints due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including low-privilege reader roles, can recover credentials and internal endpoint URLs for all configured notification targets.

CVE-2026-56782
Critical

A vulnerability in Gorse before version 0.5.10 allows authentication bypass in the /api/dump and /api/restore endpoints. Unauthenticated attackers can exfiltrate the entire database containing personally identifiable information or completely overwrite the dataset.

CVE-2026-56781
Medium

A vulnerability in Teable before the June 15, 2026 build allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from share metadata and read field values intended to be restricted from public view.

CVE-2026-56780
High

Modoboa before version 2.9.0 has an insecure direct object reference (IDOR) vulnerability in the PUT /api/v1/accounts/{pk}/password/ endpoint. Domain administrators can change any user's password, including superadmins, leading to full account takeover.

CVE-2026-56285
High

A vulnerability in Nitter allows unauthenticated attackers to exploit the /video media proxy endpoint to send HTTP requests to any host reachable by the server, including cloud metadata services and internal network resources. The issue stems from missing validation of target URLs against Twitter/X domains and the use of a hardcoded default HMAC key.

PreviousPage 95 of 4447Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS