Tag
Laravel Security Policy Bypass Vulnerability
1 rule 1 TTP
A vulnerability in Laravel allows an attacker to bypass the security policy; specifically, laravel/framework versions 12.x before 12.60.0 and 13.x before 13.10.0 are affected (CVE-2026-48019).
Multiple Vulnerabilities in ImageMagick
2 rules 3 TTPs
A remote, anonymous attacker can exploit multiple vulnerabilities in ImageMagick to cause a denial of service condition, disclose information, and bypass security mechanisms.
Multiple Vulnerabilities in Centreon Web Allow RCE and Security Bypass
2 rules 2 TTPs
Multiple vulnerabilities in Centreon Web versions 25.10.x before 25.10.12 and versions before 24.10.25 allow a remote attacker to achieve arbitrary code execution and bypass security policies.
Multiple Vulnerabilities in GitLab Lead to DoS and Security Policy Bypass
2 rules 2 TTPs 5 CVEs
Multiple vulnerabilities in GitLab CE/EE allow attackers to cause remote denial of service and bypass security policies in versions 18.11.x before 18.11.4, 19.x before 19.0.1, and before 18.10.7; these vulnerabilities are tracked as CVE-2026-1402, CVE-2026-2601, CVE-2026-2710, CVE-2026-4868, CVE-2026-5296, CVE-2026-6713, and CVE-2026-8716.
Firefox for iOS Security Policy Bypass Vulnerability
2 rules 1 TTP
A vulnerability in Firefox for iOS versions prior to 151.1 allows an attacker to bypass the security policy (CVE-2026-9078).
SPIP Security Policy Bypass Vulnerability
2 rules 1 TTP
A vulnerability in SPIP versions prior to 4.4.15 allows an attacker to bypass the security policy, potentially leading to unauthorized actions.
Sparx Systems Enterprise Architect Security Bypass Vulnerability
2 rules 1 TTP
A remote, authenticated attacker can exploit a vulnerability in Sparx Systems Enterprise Architect to bypass security precautions.
Kemp LoadMaster and Progress Software MOVEit WAF: Multiple Vulnerabilities
2 rules 2 TTPs
Multiple vulnerabilities in Kemp LoadMaster and Progress Software MOVEit WAF could allow an attacker to execute arbitrary code or circumvent security measures.
@hulumi/policies Evidence Bypass Vulnerability
2 rules
@hulumi/policies versions before 1.3.2 allowed unrelated compliant-looking evidence to suppress violations for different zones, hostnames, origins, or repositories in the same stack, bypassing Cloudflare and deployment-governance guardrails.
Multiple Vulnerabilities in Progress MOVEit Automation
2 rules 2 TTPs 4 CVEs
Multiple vulnerabilities in Progress MOVEit Automation allow for remote denial of service, security policy bypass, and unspecified security issues.
Multiple Vulnerabilities in Atlassian Products
2 rules 4 TTPs
Multiple vulnerabilities exist in Atlassian products including Bamboo, Bitbucket, Confluence, Crucible, Fisheye, and Jira which could lead to arbitrary code execution, denial of service, information disclosure, cross-site scripting, and security bypass.
Apache Tomcat Security Bypass Vulnerability
2 rules 1 TTP
A remote, anonymous attacker can exploit a vulnerability in Apache Tomcat to bypass security measures.
Keycloak Security Bypass Vulnerability
2 rules 1 TTP
An authenticated remote attacker can exploit a vulnerability in Keycloak to bypass security measures.
Multiple Vulnerabilities in Microsoft Edge Allow for Remote Code Execution and Security Policy Bypass
2 rules 1 TTP 4 CVEs
Multiple vulnerabilities in Microsoft Edge prior to version 148.0.3967.70 allow a remote attacker to execute arbitrary code and bypass security policies.
Budibase Security Bypass Vulnerability
2 rules 1 TTP
An authenticated remote attacker can exploit a vulnerability in Budibase to bypass security measures and manipulate data.
Multiple Vulnerabilities in Tenable Network Monitor
2 rules 2 TTPs 5 CVEs
Multiple vulnerabilities in Tenable Network Monitor versions prior to 6.5.4 can lead to remote denial of service, security policy bypass, and unspecified security issues.
VMware Tanzu Spring Framework Security Bypass Vulnerability
2 rules 1 TTP
A remote, anonymous attacker can exploit a vulnerability in VMware Tanzu Spring Framework to bypass security measures.
Adobe Commerce SSRF Vulnerability (CVE-2026-34647)
2 rules 1 TTP 1 CVE
Adobe Commerce versions 2.4.9-beta1 and earlier are vulnerable to Server-Side Request Forgery (SSRF) via a maliciously crafted URL, potentially leading to security feature bypass and unauthorized read access.
Adobe Commerce Incorrect Authorization Vulnerability (CVE-2026-34645)
2 rules 1 TTP 1 CVE
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability (CVE-2026-34645) that could allow an attacker to bypass security measures and gain unauthorized write access without user interaction.
CPython Security Policy Bypass Vulnerability
2 rules 1 TTP 1 CVE
A vulnerability in CPython, tracked as CVE-2026-7210, allows an attacker to bypass the security policy; mitigation requires the latest security patch.
Sonatype Nexus Repository Manager Security Bypass Vulnerability
2 rules 1 TTP
An authenticated remote attacker can exploit a vulnerability in Sonatype Nexus Repository Manager to bypass security precautions.
jq Vulnerability Allows Security Bypass
1 rule
A local attacker can exploit a vulnerability in jq to bypass security measures.
Rancher Fleet Helm Deployer Vulnerability Allows Security Bypass
2 rules 2 TTPs
A remote, authenticated attacker can exploit a vulnerability in Rancher Fleet Helm Deployer to bypass security measures and disclose sensitive information, which may enable further attacks.
Multiple Vulnerabilities in Vaultwarden
2 rules 3 TTPs
Multiple vulnerabilities in Vaultwarden could be exploited by an attacker to bypass security measures, conduct a denial-of-service attack, and disclose information, potentially leading to unauthorized access and service disruption.
Red Hat OpenShift Container Platform Security Bypass Vulnerability
2 rules 1 TTP
A remote, authenticated attacker can exploit a vulnerability in Red Hat OpenShift Container Platform to bypass security measures.
Multiple Vulnerabilities in PaperCut Allow Data Confidentiality Breach and Security Policy Bypass
2 rules 2 TTPs 3 CVEs
Multiple vulnerabilities in PaperCut Embedded App versions prior to 2.2.0 on Ricoh devices and PaperCut NG/MF versions prior to 25.0.11 allow attackers to compromise data confidentiality and bypass security policies, potentially leading to unauthorized access and control.
OpenClaw Security Bypass Vulnerability Allows Persistent Browser Profile Mutation
2 rules 1 TTP 1 CVE
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows attackers to circumvent the browser.request persistent profile-mutation guard and modify browser configurations.
Windows BitLocker Security Feature Bypass Vulnerability (CVE-2026-27913)
2 rules 1 TTP 1 CVE
CVE-2026-27913 describes an improper input validation vulnerability in Windows BitLocker that allows a local attacker to bypass security features.
VMware Tanzu Spring Cloud Gateway Security Bypass Vulnerability
1 rule 1 TTP
An anonymous, remote attacker can exploit a vulnerability in VMware Tanzu Spring Cloud Gateway to bypass security measures, potentially gaining unauthorized access or control.
Red Hat Undertow Multiple Vulnerabilities Allow Security Bypass
2 rules 3 TTPs
An anonymous remote attacker can exploit multiple vulnerabilities in Red Hat Undertow to bypass security measures, manipulate data, and disclose sensitive information.
OpenBao Multiple Vulnerabilities Allow Security Bypass and XSS
2 rules 4 TTPs
An anonymous, remote attacker can exploit multiple vulnerabilities in OpenBao to bypass security measures or conduct cross-site scripting attacks.
VMware Tanzu Spring Framework and Spring Security Vulnerabilities Allow Security Bypass
2 rules 1 TTP
An anonymous, remote attacker can exploit multiple vulnerabilities in VMware Tanzu Spring Security and VMware Tanzu Spring Framework to bypass security measures.
Apache Commons BeanUtils Security Bypass Vulnerability
1 rule 1 TTP
An authenticated remote attacker can exploit a vulnerability in Apache Commons BeanUtils to bypass security measures, potentially leading to unauthorized access or privilege escalation.
MIT Kerberos Security Bypass Vulnerability
2 rules 1 TTP
An anonymous, remote attacker can exploit a vulnerability in MIT Kerberos to bypass security measures.