Threat Feed

Tag

Broken-Access-Control

7 briefs
high advisory

Automad Unauthenticated Exposure of Administrator Password Hashes and TOTP Secrets

Automad versions 2.0.0-alpha.1 through 2.0.0-beta.27 are vulnerable to CVE-2026-45332, a broken access control vulnerability that allows an unauthenticated attacker to retrieve the bcrypt password hashes of administrator accounts with a single POST request to the `/_api/user-collection/create-first-user` endpoint, potentially leading to credential compromise and information disclosure.

Automad broken-access-control credential-access cve-2026-45332
high advisory

Open WebUI Broken Access Control Allows Unauthorized Access to Conversations (CVE-2026-45349)

Open WebUI versions 0.8.12 and earlier are vulnerable to CVE-2026-45349, a broken access control issue where any user can continue the conversation of another user if they know the Chat ID, by using the /api/chat/completions endpoint with their own API key, allowing unauthorized access to private conversations and information.

open-webui broken-access-control cloud
critical advisory

Paperclip Cross-Tenant Agent API Token Minting Vulnerability

A vulnerability in Paperclip allows any authenticated user to mint agent API tokens for other tenants, leading to unauthorized access and control due to missing company access checks.

paperclip broken-access-control cross-tenant
high advisory

wger Broken Access Control in Global Gym Configuration Update Endpoint

The wger application has a broken access control vulnerability in the global gym configuration update endpoint, allowing low-privileged authenticated users to modify installation-wide configuration settings and escalate privileges.

privilege-escalation broken-access-control web-application
critical advisory

Genealogy PHP Application Broken Access Control Vulnerability (CVE-2026-39355)

A critical broken access control vulnerability (CVE-2026-39355) in Genealogy PHP application versions prior to 5.9.1 allows authenticated users to transfer ownership of arbitrary teams, leading to complete takeover of team workspaces and unrestricted data access.

broken-access-control php genealogy CVE-2026-39355
medium advisory

Open WebUI Broken Access Control Vulnerability (CVE-2026-34222)

A broken access control vulnerability in Open WebUI versions prior to 0.8.11 (CVE-2026-34222) allows authenticated users to potentially access or modify tool values they should not be authorized to, leading to privilege escalation and unauthorized configuration changes.

broken-access-control web-application privilege-escalation
high advisory

Avo Framework Broken Access Control Vulnerability

Avo framework version 3.x contains a critical broken access control vulnerability in the ActionsController. Due to insecure action lookup logic, an authenticated user can execute any Action class on any resource, even if the action is not registered for that specific resource. This leads to privilege escalation and unauthorized data manipulation across the entire application. Version 3.31.2 remediates this issue.

avo broken-access-control privilege-escalation ruby