Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Common Vulnerability Scoring System171531
0
10
CVE-2026-45703
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.4||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:52
Updated-17 Jul, 2026 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pimcore: WordExport Authorization Bypass for Unauthorized Document Export

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 (LTS) and 12.3.7, the WordExport export flow in bundles/WordExportBundle/src/Controller/TranslationController.php only checks the word_export feature permission and directly resolves attacker-controlled type/id input without enforcing view permission on page, snippet, email, or object elements, allowing a low-privileged backend user to export document content the user is not allowed to view. This issue is fixed in versions 11.5.17 (LTS) and 12.3.7.

Action-Not Available
Vendor-Pimcore
Product-pimcore
CWE ID-CWE-862
Missing Authorization
CVE-2026-48487
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:28
Updated-17 Jul, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zeroconf: Unvalidated rdlength in record payload readers allows LAN-local cache corruption via crafted mDNS packet

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.16, _read_character_string and _read_string in src/zeroconf/_protocol/incoming.py advanced self.offset by attacker-declared RDLENGTH without checking it against self._data_len, allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to send a TXT, HINFO, or A/AAAA record with rdlength=65535 and seed DNSCache and ServiceInfo.properties with truncated, attacker-shaped key/value or address records. This issue is fixed in version 0.149.16.

Action-Not Available
Vendor-python-zeroconf
Product-python-zeroconf
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CVE-2026-48045
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:26
Updated-17 Jul, 2026 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zeroconf: Unbounded TC-deferred queue allows LAN-local memory exhaustion via spoofed-source flood

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.12, AsyncListener.handle_query_or_defer retained every truncated TC-bit incoming query, each up to _MAX_MSG_ABSOLUTE = 8966 bytes, in self._deferred[addr] and armed a per-address timer in self._timers[addr] without capping the per-address list or distinct addr keys, allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to spoof sources, grow _deferred and _timers, and cause memory exhaustion and quadratic CPU burn. This issue is fixed in version 0.149.12.

Action-Not Available
Vendor-python-zeroconf
Product-python-zeroconf
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-47184
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:25
Updated-17 Jul, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zeroconf: Unbounded DNS record cache allows LAN-local memory exhaustion via multicast flood

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.7, DNSCache._async_add inserted every response record into cache, _expirations, _expire_heap, and service_cache without a cap, allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to multicast valid mDNS responses with unique names and cause memory exhaustion, slower cache lookups, slower async_expire passes, and broken discovery, registration, and ServiceBrowser callbacks. This issue is fixed in version 0.149.7.

Action-Not Available
Vendor-python-zeroconf
Product-python-zeroconf
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-47183
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:22
Updated-17 Jul, 2026 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.6, DNSIncoming._log_exception_debug and the four QuietLogger exception-dedup methods stored an unbounded _seen_logs dictionary keyed by attacker-influenced IncomingDecodeError messages, retaining sys.exc_info() tracebacks whose frame locals kept raw packet self.data buffers and allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to drive memory growth until mDNS-dependent features degrade or the process is OOM-killed. This issue is fixed in version 0.149.6.

Action-Not Available
Vendor-python-zeroconf
Product-python-zeroconf
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-47180
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:21
Updated-17 Jul, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zeroconf: Unbounded recursion in DNS compression-pointer decoder allows LAN-local denial of service

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.5, DNSIncoming._decode_labels_at_offset recurses once per DNS-name compression pointer, and a single mDNS packet carrying chained pointers can trigger a RecursionError that escapes DNSIncoming.__init__, causing sustained CPU burn, log flooding, and degraded mDNS-dependent features for unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb). This issue is fixed in version 0.149.5.

Action-Not Available
Vendor-python-zeroconf
Product-python-zeroconf
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2026-49835
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:16
Updated-17 Jul, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sigstore Timestamp Authority: OOM due to unbounded metric label cardinality

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.1.0, the global wrapMetrics middleware records raw HTTP request path r.URL.Path and raw HTTP request method r.Method as Prometheus labels for latency and request count metric vectors before routing, allowing an unauthenticated remote attacker to issue requests with random paths such as /api/v1/timestamp/<uuid> or random HTTP methods and create unbounded permanent time-series entries that exhaust memory. This issue is fixed in version 2.1.0.

Action-Not Available
Vendor-sigstore
Product-timestamp-authority
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-16073
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 18:15
Updated-17 Jul, 2026 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AstrBotDevs AstrBot T2I Feature base.py NetworkRenderStrategy.render cross site scripting

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this issue is the function Star.text_to_image/NetworkRenderStrategy.render of the file astrbot/core/star/base.py of the component T2I Feature. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-AstrBotDevs
Product-AstrBot
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-48009
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:58
Updated-17 Jul, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shopware: Admin Account Takeover via User Recovery Hash Exposure

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with user_recovery:read ACL can take over any admin account by triggering POST /api/_action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PATCH /api/_action/user/user-recovery/password; the root cause is that src/Core/System/User/Recovery/UserRecoveryDefinition.php exposes the hash field through the Admin API without ApiAware(false) or ReadProtection. This issue is fixed in versions 6.6.10.18 and 6.7.10.1.

Action-Not Available
Vendor-shopware
Product-shopwareplatform
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-48014
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:56
Updated-17 Jul, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shopware: Admin API ACL Bypass in Order State Transition Endpoints

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the order state transition features /api/_action/order/{orderId}/state/{transition} and similar transaction and delivery transition routes in src/Core/Checkout/Order/Api/OrderActionController.php do not declare PlatformRequest::ATTRIBUTE_ACL or perform an explicit privilege check, so AclAnnotationValidator exits when route ACL metadata is absent and low-privileged users without order:update, order_transaction:update, or order_delivery:update can trigger StateMachineRegistry::transition() writes in SYSTEM_SCOPE. This issue is fixed in versions 6.6.10.18 and 6.7.10.1.

Action-Not Available
Vendor-shopware
Product-shopwareplatform
CWE ID-CWE-862
Missing Authorization
CVE-2026-48010
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:55
Updated-17 Jul, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shopware: Privilege escalation: non-admin user with user:create ACL can create admin accounts

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, UserController::upsertUser() in src/Core/Framework/Api/Controller/UserController.php writes raw user data in SYSTEM_SCOPE without filtering the admin field, so a non-admin API user with user:create or user:update ACL permission can set admin: true on new or existing users; IntegrationController::upsertIntegration() contains an isAdmin() check for the same field, but UserController was missing this check. This issue is fixed in versions 6.6.10.18 and 6.7.10.1.

Action-Not Available
Vendor-shopware
Product-shopwareplatform
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-48016
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:54
Updated-17 Jul, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shopware: Unauthorized Payment Trigger for Foreign Orders via /store-api/handle-payment

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the Store API endpoint /store-api/handle-payment in src/Core/Checkout/Payment/SalesChannel/HandlePaymentMethodRoute.php accepts a user-controlled orderId and forwards it to src/Core/Checkout/Payment/PaymentProcessor.php without verifying order ownership or guest-order authentication, allowing a normal customer or guest context to trigger the payment flow for another user's order while /store-api/order enforces the expected ownership model. This issue is fixed in versions 6.6.10.18 and 6.7.10.1.

Action-Not Available
Vendor-shopware
Product-shopwareplatform
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-48015
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-4.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:53
Updated-17 Jul, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shopware: Stored XSS via SVG file upload — no SVG sanitization

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, SVG files are in the allowed_extensions whitelist in src/Core/Framework/Resources/config/packages/shopware.yaml and can be uploaded via the media manager without SVG content sanitization in the upload pipeline from MediaUploadController to FileSaver to TypeDetector, allowing malicious SVG JavaScript such as onload, <script>, and <foreignObject> to execute in the Shopware domain when the uploaded SVG is viewed. This issue is fixed in versions 6.6.10.18 and 6.7.10.1.

Action-Not Available
Vendor-shopware
Product-shopwareplatform
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-48008
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:47
Updated-17 Jul, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shopware: Privilege Escalation via Sync API Integration Admin Flag Bypass

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a non-admin API user with integration:create ACL privilege can escalate to full administrator by creating an integration with admin: true through the Sync API POST /api/_action/sync; the regular integration endpoint POST /api/integration blocks this, but SyncController::sync() routes writes through SyncService to EntityWriter::upsert(), and src/Core/Framework/Integration/IntegrationDefinition.php lacks WriteProtection on the admin field. This issue is fixed in versions 6.6.10.18 and 6.7.10.1.

Action-Not Available
Vendor-shopware
Product-shopwareplatform
CWE ID-CWE-862
Missing Authorization
CVE-2026-21761
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.2||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:10
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CORS Misconfiguration in DevOps Loop

HCL DevOps Loop is affected by a Cross-Origin Resource Sharing (CORS) misconfiguration. Improper CORS configuration may allow unauthorized cross-origin requests, potentially exposing application resources to untrusted domains.

Action-Not Available
Vendor-HCLSoftware
Product-DevOps Loop
CWE ID-CWE-942
Permissive Cross-domain Policy with Untrusted Domains
CVE-2026-21760
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.6||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 17:06
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthorized Access to Admin Functionality via Forced Browsing

HCL DevOps Loop is affected by an Unauthorized Access to Admin Functionality (Forced Browsing) vulnerability. Improper authorization checks may allow unauthorized users to access restricted administrative functionality by directly accessing protected application endpoints.

Action-Not Available
Vendor-HCLSoftware
Product-DevOps Loop
CWE ID-CWE-425
Direct Request ('Forced Browsing')
CVE-2026-16104
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:43
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak-services: keycloak-services: authenticator config endpoint exposes raw recaptcha secrets to view-only admins

A flaw was found in the authentication configuration endpoint of the keycloak-services component, which is the core engine for Red Hat Build of Keycloak identity and access management. The issue occurs because the system fails to mask sensitive configuration values, such as reCAPTCHA secret keys, when they are requested by administrators with view-only permissions. This can lead to the exposure of third-party service credentials to unauthorized personnel or through administrative logs.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Build of KeycloakRed Hat Data Grid 8Red Hat Single Sign-On 7
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2026-16106
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:43
Updated-17 Jul, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak-services: keycloak-services: incorrect authorization in admin role-composite deletion allows delegated admin to remove privileged child roles

A flaw was found in the admin REST API of Keycloak, a solution for identity and access management. The issue occurs when a delegated administrator attempts to remove a child role from a composite role. Due to missing authorization checks, an attacker with limited administrative permissions can remove privileged roles they are not authorized to manage, leading to a loss of access for other users and administrators.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Build of KeycloakRed Hat Data Grid 8Red Hat Single Sign-On 7
CWE ID-CWE-862
Missing Authorization
CVE-2026-16093
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-5.4||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:42
Updated-17 Jul, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak-services: keycloak-services: required signed-jwt assertion policy can be bypassed with unsigned assertion headers

Keycloak provides a mechanism called Client Policies to enforce security requirements on clients, such as requiring them to use signed JWTs for authentication. A flaw was discovered where this enforcement can be bypassed. An attacker with valid client credentials can provide a fake, unsigned assertion header that tricks the system into thinking the policy requirements have been met. This allows the attacker to authenticate using simpler methods like a client secret even when the administrator has mandated more secure, signed assertions.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Build of KeycloakRed Hat Data Grid 8Red Hat Single Sign-On 7
CWE ID-CWE-807
Reliance on Untrusted Inputs in a Security Decision
CVE-2026-44722
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:42
Updated-17 Jul, 2026 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
pyzipper: Encryption bypass for small files encrypted with pyzipper

pyzipper is a replacement for Python's zipfile that can read and write AES encrypted zip files. Prior to 0.4.0, a Python operator precedence bug in pyzipper/zipfile_aes.py caused the AE-2 format to never be automatically selected during encryption, causing encrypted entries to be written in AE-1 format and exposing the plaintext CRC32 checksum in the ZIP header and, for unseekable zip archives, in the datadescripter section, allowing an attacker who possesses the archive to brute-force candidate plaintexts for small or low-entropy files by comparing CRC32 values. This issue is fixed in version 0.4.0.

Action-Not Available
Vendor-danifus
Product-pyzipper
CWE ID-CWE-480
Use of Incorrect Operator
CVE-2026-49216
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-5.1||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:15
Updated-17 Jul, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symfony UX: XSS in symfony/ux-autocomplete via unescaped AJAX response data

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, the Stimulus controller in symfony/ux-autocomplete renders AJAX response items in _createAutocompleteWithRemoteData() by interpolating the text field into HTML template literals (<div>${item[labelField]}</div>) rather than text, allowing attacker-controlled markup from user-supplied dropdown values to execute in the browser of any user who opens an autocomplete widget backed by the same data. This issue is fixed in versions 2.36.0 and 3.1.0.

Action-Not Available
Vendor-symfony
Product-ux
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-63309
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:14
Updated-17 Jul, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SurrealDB < 3.1.5 Information Disclosure via ORDER BY

SurrealDB before 3.1.5 fail to apply field-level SELECT permissions to ORDER BY clauses, allowing authenticated users to leak the relative ordering of restricted field values. Attackers can issue ORDER BY queries on indexed restricted fields to recover the hidden values' sort order across records, even though the field itself returns null as intended.

Action-Not Available
Vendor-surrealdb
Product-surrealdb
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-49211
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:14
Updated-17 Jul, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symfony UX: Information exposure via unescaped LIKE wildcards in EntitySearchUtil

Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, Symfony\UX\Autocomplete\Doctrine\EntitySearchUtil::addSearchClause() builds the LIKE expression used by the autocomplete endpoint by wrapping the client-supplied query in %...% without escaping SQL LIKE wildcards (%, _, \), allowing unauthenticated users to turn the public BaseEntityAutocompleteType endpoint into a broad matcher or blind boolean oracle against every column in default searchable_fields. This issue is fixed in versions 2.36.0 and 3.1.0.

Action-Not Available
Vendor-symfony
Product-ux
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-63308
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:14
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Helm Files.Lines Denial of Service via Empty Chart Files

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in Helm charts to cause deterministic render failures across template, install, upgrade, lint, and SDK Engine.Render operations.

Action-Not Available
Vendor-helm
Product-helm
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-63307
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:13
Updated-17 Jul, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chat2DB < 5.3.0 Insecure Direct Object Reference via GET /api/connection/datasource

Chat2DB before 5.3.0 contains an insecure direct object reference vulnerability in the GET /api/connection/datasource/{id} endpoint. The handler calls dataSourceService.queryExistent(id, ...) without an ownership check and returns the decrypted password field, allowing any authenticated non-admin user to enumerate datasource IDs and read the plaintext database credentials of datasources owned by other users.

Action-Not Available
Vendor-OtterMind
Product-Chat2DB
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-49208
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:10
Updated-17 Jul, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symfony UX: Format-less date LiveProps parsed with the permissive DateTime constructor

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, when a #[LiveProp] is typed as DateTimeInterface and no explicit format is configured, Symfony\UX\LiveComponent\LiveComponentHydrator::hydrateObjectValue() falls back to new $className($value), allowing client-supplied relative strings such as now, tomorrow, or +10 years to move a writable, format-less date prop past time-based business logic checks. This issue is fixed in versions 2.36.0 and 3.1.0.

Action-Not Available
Vendor-symfony
Product-ux
CWE ID-CWE-20
Improper Input Validation
CVE-2026-49212
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:03
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symfony UX: LiveComponentHydrator HMAC checksum lacks component and slot binding

Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, the HMAC computed by Symfony\UX\LiveComponent\LiveComponentHydrator covered only sorted prop key/value pairs and did not include the component name, the slot identifier (props vs propsFromParent), or request context, allowing a signed blob minted for one component or slot to be replayed in another and set a read-only prop on a target component. This issue is fixed in versions 2.36.0 and 3.1.0.

Action-Not Available
Vendor-symfony
Product-ux
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2026-49209
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 16:02
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symfony UX: Denial of service in symfony/ux-live-component via unbounded batch action requests

Symfony UX is a JavaScript ecosystem for Symfony. From 2.5.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Controller\BatchActionController::__invoke() iterates over the client-supplied actions array and issues a full HttpKernel sub-request for each entry; because the array size is never bounded, an authenticated client can submit a single _batch request containing thousands of actions and exhaust CPU, memory, and database connections on the application server. This issue is fixed in versions 2.36.0 and 3.1.0.

Action-Not Available
Vendor-symfony
Product-ux
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-11763
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-6.5||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:56
Updated-17 Jul, 2026 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IDOR in GIS Informatics' GisLab Laboratory Management System

Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows Exploitation of Trusted Identifiers. This issue affects GisLab Laboratory Management System: from 1.4.03 through 08072026.

Action-Not Available
Vendor-Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc.
Product-GisLab Laboratory Management System
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-63100
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:45
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Maybe 0.6.0 Missing Authorization via HostingsController show/update

Maybe through 0.6.0 contains a missing authorization vulnerability that allows authenticated low-privilege member-role users to access and modify global hosting settings by exploiting unprotected show and update actions in the Settings::HostingsController, where the before_action ensure_admin filter is applied only to the clear_cache action. Attackers can read the operator's Synth API key rendered in plaintext via a form field value attribute, overwrite it with an attacker-controlled value, toggle public registration settings, and disable email confirmation requirements to disrupt the entire instance.

Action-Not Available
Vendor-maybe-finance
Product-maybe
CWE ID-CWE-862
Missing Authorization
CVE-2026-63099
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:39
Updated-17 Jul, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TheHive 4.1.24 Broken Object Level Authorization via Attachment Download Endpoints

TheHive through 4.1.24 contains a broken object-level authorization vulnerability in the attachment download endpoints that allows any authenticated user to access attachments belonging to other organizations by supplying a content-hash identifier. Attackers can exploit the missing organization-scoped authorization check in AttachmentSrv.visible, which is implemented as a pass-through traversal, to download arbitrary attachments.

Action-Not Available
Vendor-TheHive-Project
Product-TheHive
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-63098
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:38
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TheHive 4.1.24 Unauthenticated Information Disclosure via /api/status Endpoint

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler. Attackers can obtain the datastore attachment protection password, configured authentication providers, SSO settings, MFA capabilities, and clustered node addresses and roles without any credentials.

Action-Not Available
Vendor-TheHive-Project
Product-TheHive
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-63097
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:32
Updated-17 Jul, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dendrite 0.13.8 syncapi /context Endpoint Post-Leave State Exposure

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint (syncapi/routing/context.go) that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while ignoring IsInRoom, HasBeenInRoom, and Membership fields. Attackers who have left a room can call the rooms context API endpoint for a previously permitted event and receive unfiltered current room state that the /messages and /sync endpoints correctly withhold.

Action-Not Available
Vendor-The Matrix.org Foundation
Product-dendrite
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-63096
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:30
Updated-17 Jul, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dendrite 0.13.8 SSRF via Unauthenticated Legacy Media Download Endpoint

Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows unauthenticated attackers to cause the server to open outbound TLS connections to arbitrary hosts and ports by supplying an unvalidated serverName parameter to the legacy media download endpoint. Attackers can exploit distinguishable error response classes and leaked internal IP addresses in error messages to perform blind port scanning and enumerate internal network topology.

Action-Not Available
Vendor-The Matrix.org Foundation
Product-dendrite
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-63095
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:27
Updated-17 Jul, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dendrite 0.13.8 Improper Authorization via POST account/3pid/delete Endpoint

Dendrite through 0.13.8 contains an improper authorization vulnerability in the Matrix Client-Server API that allows any authenticated local user to delete third-party identifier bindings belonging to other users by submitting an arbitrary address and medium to the account deletion endpoint without ownership verification. Attackers can exploit the unverified Forget3PID handler to remove a victim's email or MSISDN binding and subsequently rebind the address through an identity server to hijack the victim's password reset flow.

Action-Not Available
Vendor-The Matrix.org Foundation
Product-dendrite
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-15783
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Assigner-GitHub, Inc. (Products Only)
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:20
Updated-17 Jul, 2026 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed reading private repository metadata via delegated bypass rule suites

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with write access to any repository to read metadata from private repositories they did not have access to, including private repository owners and names, branch names, commit SHAs, commit messages, and the pushing actor. The delegated bypass endpoint resolved a rule suite directly from an attacker-supplied, encoded identifier without verifying that the requesting user could read the rule suite's repository, and because these identifiers are sequential an attacker could enumerate them across the instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.22 and was fixed in versions 3.17.18, 3.18.12, 3.19.9, 3.20.5, and 3.21.3. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-Enterprise Server
CWE ID-CWE-862
Missing Authorization
CVE-2026-15007
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Assigner-GitHub, Inc. (Products Only)
CVSS Score-5.7||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 15:16
Updated-17 Jul, 2026 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service vulnerability in GitHub Enterprise Server allowed service disruption via deeply nested YAML in release notes configuration

A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to cause service disruption by supplying a repository release notes configuration file containing deeply nested YAML. When release notes were generated, the configuration file was parsed without a nesting depth limit, causing excessive resource consumption that could render the instance unresponsive. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.22 and was fixed in versions 3.17.18, 3.18.12, 3.19.9, 3.20.5, and 3.21.3. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-Enterprise Server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-12705
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-5.9||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 14:30
Updated-17 Jul, 2026 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integrity mechanism of KNX-device FW-files can be bypassed in ABB Update Tool

Missing support for integrity check vulnerability in ABB KNX Update Tool (ABB), ABB KNX Update Tool (BJE). This issue affects KNX Update Tool (ABB): through 2.0.175; KNX Update Tool (BJE): through 2.0.175.

Action-Not Available
Vendor-ABB
Product-KNX Update Tool (ABB)KNX Update Tool (BJE)
CWE ID-CWE-353
Missing Support for Integrity Check
CVE-2026-16017
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 14:15
Updated-17 Jul, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mosaxiv clawlet cron Chat Tool tool_cron.go remove authorization

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function list/remove of the file tools/tool_cron.go of the component cron Chat Tool. The manipulation results in missing authorization. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed with the label "not planned".

Action-Not Available
Vendor-mosaxiv
Product-clawlet
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-23572
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.2||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:51
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack as cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CVE-2024-23570
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:50
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is affected by clickjacking vulnerability Cross-Frame Scripting is an attack technique where an attacker loads a vulnerable application in an iFrame on his malicious site. The attacker can then launch a Clickjacking attack, which may lead to Phishing, Cross-Site Request Forgery, sensitive information leakage and more.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-23578
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.2||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:50
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack as the application implements an HTML5 cross-origin resource sharing (CORS) policy for this request that allows access from any domain (*-Wildcard).

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-942
Permissive Cross-domain Policy with Untrusted Domains
CVE-2024-23569
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:49
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack since the server is not configured with “X-XSS-Protection" header

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-692
Incomplete Denylist to Cross-Site Scripting
CVE-2024-23577
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:46
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header poisoning, server misconfigurations.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-20
Improper Input Validation
CVE-2024-23574
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:45
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack since It was found that a malicious actor can use brute-force techniques to either guess or confirm valid users in the system. Use renumeration is when a malicious actor can use brute-force techniques to either guess or confirm valid users in a system

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2024-42214
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:45
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack since HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the Web server which allows an attacker to narrow and intensify their efforts.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-692
Incomplete Denylist to Cross-Site Scripting
CVE-2024-23575
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:43
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack since the application returns detailed error messages that leak information about the processing on the server. An attacker may use the contents of error messages to help launch another ,more focused attack.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2024-23571
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:42
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attack since the application does not have an appropriate caching policy specifying the extent to which the page and its form fields should be cached. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-525
Use of Web Browser Cache Containing Sensitive Information
CVE-2024-23568
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:38
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to attacks since the server software version used by the application is revealed by the web server. Displaying version information of software could allow an attacker to determine which vulnerabilities are present in the software, particularly if an outdated software version is in use with published vulnerabilities.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-23565
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-Not Assigned
Published-17 Jul, 2026 | 13:36
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Aftermarket EPC is vulnerable to email flooding as the application does not have a proper mail limitation mechanism at Forget Password functionality. The actor could b e a human or an automated process such as a virus or bot. This could be used to cause a denial of service, compromise program logic or other consequences.

Action-Not Available
Vendor-HCLSoftware
Product-Aftermarket EPC
CWE ID-CWE-799
Improper Control of Interaction Frequency
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 3430
  • 3431
  • Next