•39 minutes ago•GHSA-M837-XVXR-VQWG
6.9GHSA-m837-xvxr-vqwg: Hardcoded CORS Wildcard Enables Cross-Origin Credential Abuse in Flowise
Flowise versions prior to 3.1.2 contain a hardcoded CORS wildcard on the Text-to-Speech (TTS) endpoint. This configuration bypasses the application's global security policies and enables cross-origin credential abuse, leading to unauthorized resource consumption and potential financial impact via third-party API quota exhaustion.
1 views•5 min read
•about 8 hours ago•CVE-2026-45829
10.0CVE-2026-45829: Pre-Authentication Remote Code Execution in ChromaDB via ChromaToast
CVE-2026-45829, commonly referred to as ChromaToast, is a critical Pre-Authentication Remote Code Execution (RCE) vulnerability affecting the ChromaDB vector database. The flaw exists in the handling of embedding function configurations during collection creation, allowing unauthenticated attackers to execute arbitrary Python code on the server or client applications.
12 views•5 min read
•about 8 hours ago•CVE-2026-9082
6.5CVE-2026-9082: Unauthenticated SQL Injection in Drupal Core PostgreSQL Driver
Drupal Core contains a highly critical SQL injection vulnerability (CVE-2026-9082) within its Database Abstraction API. The flaw specifically affects installations using the PostgreSQL database backend, allowing unauthenticated attackers to execute arbitrary SQL commands via crafted array keys in filter parameters.
80 views•5 min read
•about 9 hours ago•GHSA-59FH-9F3P-7M39
5.3GHSA-59FH-9F3P-7M39: Mass Assignment in Flowise Profile Update Endpoint
A mass assignment vulnerability in the Flowise profile update endpoint allows authenticated users to directly modify their database records. By injecting the `credential` field into a `PUT` request, an attacker can overwrite their password hash, bypassing standard security controls and enabling persistent account access.
7 views•5 min read
•about 10 hours ago•GHSA-C2C9-MFW7-P8HW
5.3GHSA-C2C9-MFW7-P8HW: Cross-Workspace Chatflow Disclosure in Flowise
An Incorrect Authorization vulnerability in Flowise versions up to 3.1.1 allows cross-workspace information disclosure. The `/api/v1/chatflows/apikey/:apikey` endpoint fails to scope database queries by workspace, exposing unprotected chatflow configurations, LLM prompts, and application metadata across the entire instance.
6 views•4 min read
•about 11 hours ago•CVE-2026-46333
7.1CVE-2026-46333: Local Information Disclosure in Linux Kernel Process Exit Path
CVE-2026-46333 is a high-severity race condition in the Linux kernel process management subsystem, specifically involving the get_dumpable() logic during process exit. Local attackers can exploit this timing window to hijack file descriptors belonging to privileged SUID/SGID processes, leading to the disclosure of sensitive files such as SSH private keys and shadow password hashes.
27 views•6 min read
•about 12 hours ago•GHSA-9QV9-8XV6-5P35
7.0GHSA-9qv9-8xv6-5p35: Unauthenticated Password Reset and Enumeration Flaw in phpMyFAQ
phpMyFAQ versions 4.1.2 and prior contain a critical logic flaw in the REST API password recovery mechanism. The endpoint processes password resets in a single, unauthenticated step, allowing remote attackers to forcefully change database credentials for arbitrary accounts while facilitating user enumeration through observable response discrepancies.
4 views•6 min read
•about 20 hours ago•GHSA-XVP4-PHQJ-CJR3
8.8GHSA-XVP4-PHQJ-CJR3: Insecure Direct Object Reference (IDOR) Leading to Account Takeover in phpMyFAQ
phpMyFAQ versions prior to 4.1.3 contain a critical Insecure Direct Object Reference (IDOR) vulnerability within the administration API. An authenticated attacker with basic user-edit privileges can exploit this flaw to overwrite the password of any higher-privileged user, including the SuperAdmin account. This leads to complete application compromise.
5 views•6 min read
•about 20 hours ago•GHSA-GP95-J463-VV28
7.5GHSA-GP95-J463-VV28: Authentication Bypass via Insecure Default Token in phpMyFAQ REST API
phpMyFAQ contains an authentication bypass vulnerability within its REST API architecture introduced in version 4.0. The vulnerability stems from insecure default initialization of the API client token to an empty string, coupled with flawed comparative logic in the authentication controller. This allows unauthenticated remote attackers to bypass authorization checks and interact with administrative API endpoints.
4 views•6 min read
•about 21 hours ago•GHSA-W9XH-5F39-VQ89
7.1GHSA-w9xh-5f39-vq89: Authentication Bypass and Account Takeover via Weak Password Recovery in phpMyFAQ
phpMyFAQ versions prior to 4.1.3 contain a critical authentication bypass and account takeover vulnerability due to a flawed password recovery mechanism. The application processes password reset requests without requiring cryptographic token verification, allowing unauthenticated attackers to arbitrarily change passwords and lock out legitimate users.
4 views•6 min read
•1 day ago•CVE-2026-40370
8.8CVE-2026-40370: Authenticated Remote Code Execution in Microsoft SQL Server via Path Manipulation
CVE-2026-40370 is a high-severity Remote Code Execution (RCE) vulnerability affecting Microsoft SQL Server versions 2016 through 2025. It stems from improper path validation (CWE-73) in internal stored procedures, allowing an authenticated user with low privileges to execute arbitrary code within the context of the SQL Server service account.
9 views•6 min read
•1 day ago•CVE-2026-32175
7.5CVE-2026-32175: Absolute Path Traversal and Arbitrary File Write in .NET Core Archive Extraction
CVE-2026-32175 is a high-severity tampering vulnerability affecting .NET Core versions 8.0, 9.0, and 10.0 on Windows platforms. The vulnerability stems from an Absolute Path Traversal (CWE-36) flaw in the extraction mechanisms handling NuGet packages and application bundles. An unauthenticated remote attacker can exploit this weakness by providing a specially crafted archive file. The extraction logic fails to sanitize archive entry names containing absolute paths, leading to arbitrary file writes on the host system. Successful exploitation allows the attacker to compromise application integrity by overwriting critical system files or planting malicious executables.
8 views•7 min read