Tag
critical
advisory
FastGPT NoSQL Injection Vulnerability (CVE-2026-40351)
2 rules 1 TTP 1 CVE 3 IOCsFastGPT versions before 4.14.9.5 are vulnerable to NoSQL injection, allowing unauthenticated attackers to bypass authentication and gain administrative access.
NoSQL injection
authentication bypass
CVE-2026-40351
FastGPT
2r
1t
1c
3i
high
advisory
FastGPT NoSQL Injection Vulnerability in Password Change Endpoint
2 rules 2 TTPs 1 CVEFastGPT versions prior to 4.14.9.5 are vulnerable to NoSQL injection in the password change endpoint, allowing authenticated attackers to bypass password verification and perform account takeover.
nosql-injection
account-takeover
cve
fastgpt
privilege-escalation
2r
2t
1c
critical
advisory
UniFi Network Application Vulnerabilities CVE-2026-22557 and CVE-2026-22558
2 rules 2 TTPsA combination of path traversal (CVE-2026-22557) and NoSQL injection (CVE-2026-22558) vulnerabilities in the UniFi Network Application allows attackers to access files, escalate privileges, and potentially compromise the entire system.
unifi
path-traversal
nosql-injection
cve-2026-22557
cve-2026-22558
2r
2t