Tag

Improper-Authentication

2 briefs RSS

CVE-2026-10167 Improper Authentication in OUSL-GROUP-BrinaryBrains School Student Management System

CVE-2026-10167 is an improper authentication vulnerability in OUSL-GROUP-BrinaryBrains School Student Management System allowing a remote attacker to manipulate the 'role' argument to bypass authentication.

exploited School Student Management System cve-2026-10167 improper-authentication web-application

2r 1t 1c 3w ago

high advisory

WWBN AVideo Unauthenticated decryptString Vulnerability

2 rules 1 TTP

WWBN AVideo, up to version 26.0, contains an improper authentication vulnerability (CVE-2026-33512) in the API plugin's `decryptString` action, allowing unauthenticated users to decrypt publicly accessible ciphertext and potentially recover protected tokens/metadata.

cve-2026-33512 avideo improper-authentication api-vulnerability

2r 1t Mar 24, 2026