Tag
critical
advisory
CVE-2026-46840 - Oracle REST Data Services Takeover Vulnerability
2 rules 1 CVECVE-2026-46840 is a critical vulnerability in Oracle REST Data Services (ORDS) that allows an unauthenticated attacker with network access to achieve complete takeover of the service, potentially impacting additional products due to scope change.
REST Data Services
oracle
rds
rest
vulnerability
cve-2026-46840
takeover
2r
1c
high
advisory
Bitwarden Server Missing Authorization Vulnerability Leading to Organization Takeover (CVE-2026-43639)
2 rules 1 TTP 1 CVEBitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability (CVE-2026-43639) that allows a provider service user to add an arbitrary organization to their provider via `POST /providers/{providerId}/clients/existing`, resulting in takeover of the target organization in cloud-hosted deployments.
Bitwarden Server
cve
bitwarden
takeover
missing-authorization
cloud
2r
1t
1c