CWE-266
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CVE-2025-9937 (GCVE-0-2025-9937)
Vulnerability from cvelistv5 – Published: 2025-09-03 23:32 – Updated: 2025-09-04 14:20
VLAI
Title
elunez eladmin LocalStorageController deleteFile improper authorization
Summary
A security flaw has been discovered in elunez eladmin 1.1. Impacted is the function deleteFile of the component LocalStorageController. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.322339 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.322339 | signaturepermissions-required |
| https://vuldb.com/?submit.643392 | third-party-advisory |
| https://www.cnblogs.com/aibot/p/19063329 | exploit |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9937",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T14:19:39.548860Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T14:20:12.906Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"LocalStorageController"
],
"product": "eladmin",
"vendor": "elunez",
"versions": [
{
"status": "affected",
"version": "1.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "aibot888 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in elunez eladmin 1.1. Impacted is the function deleteFile of the component LocalStorageController. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited."
},
{
"lang": "de",
"value": "In elunez eladmin 1.1 ist eine Schwachstelle entdeckt worden. Dabei geht es um die Funktion deleteFile der Komponente LocalStorageController. Durch die Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff l\u00e4sst sich \u00fcber das Netzwerk starten. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T23:32:07.846Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-322339 | elunez eladmin LocalStorageController deleteFile improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.322339"
},
{
"name": "VDB-322339 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.322339"
},
{
"name": "Submit #643392 | elunez eladmin latest broken function level authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.643392"
},
{
"tags": [
"exploit"
],
"url": "https://www.cnblogs.com/aibot/p/19063329"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-03T13:45:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "elunez eladmin LocalStorageController deleteFile improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9937",
"datePublished": "2025-09-03T23:32:07.846Z",
"dateReserved": "2025-09-03T11:40:01.249Z",
"dateUpdated": "2025-09-04T14:20:12.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-0574 (GCVE-0-2026-0574)
Vulnerability from cvelistv5 – Published: 2026-01-04 02:02 – Updated: 2026-02-23 08:11
VLAI
Title
yeqifu warehouse Request UserController.java saveUserRole improper authorization
Summary
A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function saveUserRole of the file warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component Request Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.339458 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.339458 | signaturepermissions-required |
| https://vuldb.com/?submit.729374 | third-party-advisory |
| https://github.com/5i1encee/Vul/blob/main/Vertica… | related |
| https://github.com/5i1encee/Vul/blob/main/Vertica… | exploit |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0574",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T20:37:26.647461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T20:37:35.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Request Handler"
],
"product": "warehouse",
"vendor": "yeqifu",
"versions": [
{
"status": "affected",
"version": "aaf29962ba407d22d991781de28796ee7b4670e4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "5i1encee (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function saveUserRole of the file warehouse\\src\\main\\java\\com\\yeqifu\\sys\\controller\\UserController.java of the component Request Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T08:11:31.730Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-339458 | yeqifu warehouse Request UserController.java saveUserRole improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.339458"
},
{
"name": "VDB-339458 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.339458"
},
{
"name": "Submit #729374 | yeqifu warehouse aaf29962ba407d22d991781de28796ee7b4670e4 vertical privilege escalation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729374"
},
{
"tags": [
"related"
],
"url": "https://github.com/5i1encee/Vul/blob/main/Vertical_privilege_escalation_Vulnerability_in_Project_yeqifu_warehouse.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/5i1encee/Vul/blob/main/Vertical_privilege_escalation_Vulnerability_in_Project_yeqifu_warehouse.md#poc"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-03T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-02-17T20:46:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "yeqifu warehouse Request UserController.java saveUserRole improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0574",
"datePublished": "2026-01-04T02:02:05.682Z",
"dateReserved": "2026-01-03T08:58:17.741Z",
"dateUpdated": "2026-02-23T08:11:31.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0871 (GCVE-0-2026-0871)
Vulnerability from cvelistv5 – Published: 2026-02-27 07:30 – Updated: 2026-03-06 18:50
VLAI
Title
Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators
Summary
A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the system is configured to restrict such modifications.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:2365 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:2366 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2026-0871 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2428881 | issue-trackingx_refsource_REDHAT |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat build of Keycloak 26.4 |
Unaffected:
26.4.9-1 , < *
(rpm)
cpe:/a:redhat:build_keycloak:26.4::el9 |
|
| Red Hat | Red Hat build of Keycloak 26.4 |
Unaffected:
26.4-11 , < *
(rpm)
cpe:/a:redhat:build_keycloak:26.4::el9 |
|
| Red Hat | Red Hat build of Keycloak 26.4 |
Unaffected:
26.4-10 , < *
(rpm)
cpe:/a:redhat:build_keycloak:26.4::el9 |
|
| Red Hat | Red Hat build of Keycloak 26.4.9 |
cpe:/a:redhat:build_keycloak:26.4::el9 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
|
| Red Hat | Red Hat Single Sign-On 7 |
cpe:/a:redhat:red_hat_single_sign_on:7 |
Date Public
2025-01-13 08:08
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0871",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T16:51:23.992734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T18:50:44.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.4::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-operator-bundle",
"product": "Red Hat build of Keycloak 26.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "26.4.9-1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.4::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-rhel9",
"product": "Red Hat build of Keycloak 26.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "26.4-11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.4::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-rhel9-operator",
"product": "Red Hat build of Keycloak 26.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "26.4-10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.4::el9"
],
"defaultStatus": "unaffected",
"packageName": "rhbk/keycloak-rhel9",
"product": "Red Hat build of Keycloak 26.4.9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "affected",
"packageName": "keycloak-services",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "affected",
"packageName": "keycloak-services",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "affected",
"packageName": "keycloak-services",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
}
],
"datePublic": "2025-01-13T08:08:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the \"Only administrators can view\" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the system is configured to restrict such modifications."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T07:30:26.766Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:2365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2365"
},
{
"name": "RHSA-2026:2366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2366"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-0871"
},
{
"name": "RHBZ#2428881",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428881"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-13T08:32:26.428Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-01-13T08:08:00.000Z",
"value": "Made public."
}
],
"title": "Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-0871",
"datePublished": "2026-02-27T07:30:26.766Z",
"dateReserved": "2026-01-13T08:41:28.810Z",
"dateUpdated": "2026-03-06T18:50:44.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10070 (GCVE-0-2026-10070)
Vulnerability from cvelistv5 – Published: 2026-05-29 16:15 – Updated: 2026-05-29 18:21
VLAI
Title
macrozheng mall Super Admin Password update improper authorization
Summary
A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367156 | vdb-entry |
| https://vuldb.com/vuln/367156/cti | signaturepermissions-required |
| https://vuldb.com/submit/818384 | third-party-advisory |
| https://github.com/macrozheng/mall/issues/970 | issue-tracking |
| https://github.com/macrozheng/mall/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| macrozheng | mall |
Affected:
1.0.0
Affected: 1.0.1 Affected: 1.0.2 Affected: 1.0.3 cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10070",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-29T18:20:39.543695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-29T18:21:51.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:*"
],
"modules": [
"Super Admin Password Handler"
],
"product": "mall",
"vendor": "macrozheng",
"versions": [
{
"status": "affected",
"version": "1.0.0"
},
{
"status": "affected",
"version": "1.0.1"
},
{
"status": "affected",
"version": "1.0.2"
},
{
"status": "affected",
"version": "1.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AliceS614 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-29T16:15:07.422Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367156 | macrozheng mall Super Admin Password update improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/367156"
},
{
"name": "VDB-367156 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367156/cti"
},
{
"name": "Submit #818384 | mall 1.0.3 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/818384"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/macrozheng/mall/issues/970"
},
{
"tags": [
"product"
],
"url": "https://github.com/macrozheng/mall/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-29T10:44:20.000Z",
"value": "VulDB entry last update"
}
],
"title": "macrozheng mall Super Admin Password update improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10070",
"datePublished": "2026-05-29T16:15:07.422Z",
"dateReserved": "2026-05-29T08:38:54.521Z",
"dateUpdated": "2026-05-29T18:21:51.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10152 (GCVE-0-2026-10152)
Vulnerability from cvelistv5 – Published: 2026-05-30 19:15 – Updated: 2026-06-03 18:19
VLAI
Title
TaleLin lin-cms-spring-boot book Endpoint BookController.java access control
Summary
A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.java of the component book Endpoint. The manipulation results in improper access controls. The attack may be launched remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367405 | vdb-entry |
| https://vuldb.com/vuln/367405/cti | signaturepermissions-required |
| https://vuldb.com/submit/818742 | third-party-advisory |
| https://github.com/TaleLin/lin-cms-spring-boot/is… | exploitissue-tracking |
| https://github.com/TaleLin/lin-cms-spring-boot/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TaleLin | lin-cms-spring-boot |
Affected:
0.2.0
Affected: 0.2.1 cpe:2.3:a:talelin:lin-cms-spring-boot:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10152",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T18:19:38.237969Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T18:19:52.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:talelin:lin-cms-spring-boot:*:*:*:*:*:*:*:*"
],
"modules": [
"book Endpoint"
],
"product": "lin-cms-spring-boot",
"vendor": "TaleLin",
"versions": [
{
"status": "affected",
"version": "0.2.0"
},
{
"status": "affected",
"version": "0.2.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "DaytimeHeaven (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.java of the component book Endpoint. The manipulation results in improper access controls. The attack may be launched remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-30T19:15:08.710Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367405 | TaleLin lin-cms-spring-boot book Endpoint BookController.java access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/367405"
},
{
"name": "VDB-367405 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367405/cti"
},
{
"name": "Submit #818742 | https://github.com/TaleLin/lin-cms-spring-boot lin-cms-spring-boot v0.2.1 Broken Access Control",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/818742"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/TaleLin/lin-cms-spring-boot/issues/336"
},
{
"tags": [
"product"
],
"url": "https://github.com/TaleLin/lin-cms-spring-boot/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-30T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-30T07:50:53.000Z",
"value": "VulDB entry last update"
}
],
"title": "TaleLin lin-cms-spring-boot book Endpoint BookController.java access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10152",
"datePublished": "2026-05-30T19:15:08.710Z",
"dateReserved": "2026-05-30T05:45:49.698Z",
"dateUpdated": "2026-06-03T18:19:52.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10215 (GCVE-0-2026-10215)
Vulnerability from cvelistv5 – Published: 2026-06-01 02:15 – Updated: 2026-06-03 17:53 X_Open Source
VLAI
Title
Dolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization
Summary
A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of the component Leave Request REST API. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 23.0.2 is recommended to address this issue. The identifier of the patch is ee93b6f2f9dd0f6aeefe9d718ab3ab0a44326b73. Upgrading the affected component is advised.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367494 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367494/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10215 | third-party-advisory |
| https://vuldb.com/submit/821930 | third-party-advisory |
| https://github.com/Dolibarr/dolibarr/issues/37752 | issue-tracking |
| https://github.com/Dolibarr/dolibarr/issues/37752… | issue-tracking |
| https://github.com/user-attachments/files/2648738… | exploit |
| https://github.com/Dolibarr/dolibarr/commit/ee93b… | patch |
| https://github.com/Dolibarr/dolibarr/releases/tag… | patch |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10215",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T17:51:45.697233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T17:53:15.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Dolibarr/dolibarr/issues/37752"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Dolibarr/dolibarr/issues/37752#issuecomment-4304055921"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:dolibarr:erp_crm:*:*:*:*:*:*:*:*"
],
"modules": [
"Leave Request REST API"
],
"product": "ERP CRM",
"vendor": "Dolibarr",
"versions": [
{
"status": "affected",
"version": "23.0.0"
},
{
"status": "affected",
"version": "23.0.1"
},
{
"status": "unaffected",
"version": "23.0.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mitch311 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of the component Leave Request REST API. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 23.0.2 is recommended to address this issue. The identifier of the patch is ee93b6f2f9dd0f6aeefe9d718ab3ab0a44326b73. Upgrading the affected component is advised."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T02:15:09.249Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367494 | Dolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367494"
},
{
"name": "VDB-367494 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367494/cti"
},
{
"name": "CVE-2026-10215 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10215"
},
{
"name": "Submit #821930 | Dolibarr Dolibarr ERP/CRM \u003c=23.0.1 Incorrect Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/821930"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Dolibarr/dolibarr/issues/37752"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Dolibarr/dolibarr/issues/37752#issuecomment-4304055921"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/user-attachments/files/26487388/2_Dolibarr_Leave_Request_API_Horizontal_Unauthorized_Read_en.pdf"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Dolibarr/dolibarr/commit/ee93b6f2f9dd0f6aeefe9d718ab3ab0a44326b73"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Dolibarr/dolibarr/releases/tag/23.0.2"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T09:37:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "Dolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10215",
"datePublished": "2026-06-01T02:15:09.249Z",
"dateReserved": "2026-05-31T07:32:35.727Z",
"dateUpdated": "2026-06-03T17:53:15.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10217 (GCVE-0-2026-10217)
Vulnerability from cvelistv5 – Published: 2026-06-01 02:45 – Updated: 2026-06-01 14:57
VLAI
Title
nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management
Summary
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project tagged the reported issue as bug.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367496 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367496/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10217 | third-party-advisory |
| https://vuldb.com/submit/821937 | third-party-advisory |
| https://github.com/nextlevelbuilder/goclaw/issues/1118 | exploitissue-tracking |
| https://github.com/nextlevelbuilder/goclaw/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextlevelbuilder | GoClaw |
Affected:
3.11.0
Affected: 3.11.1 Affected: 3.11.2 Affected: 3.11.3 cpe:2.3:a:nextlevelbuilder:goclaw:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10217",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T14:57:20.900067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T14:57:27.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:nextlevelbuilder:goclaw:*:*:*:*:*:*:*:*"
],
"modules": [
"RoleAdmin Gateway"
],
"product": "GoClaw",
"vendor": "nextlevelbuilder",
"versions": [
{
"status": "affected",
"version": "3.11.0"
},
{
"status": "affected",
"version": "3.11.1"
},
{
"status": "affected",
"version": "3.11.2"
},
{
"status": "affected",
"version": "3.11.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-b (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project tagged the reported issue as bug."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T02:45:09.177Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367496 | nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367496"
},
{
"name": "VDB-367496 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367496/cti"
},
{
"name": "CVE-2026-10217 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10217"
},
{
"name": "Submit #821937 | nextlevelbuilder goclaw \u003c= 3.11.3 Improper Privilege Management (CWE-269)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/821937"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/nextlevelbuilder/goclaw/issues/1118"
},
{
"tags": [
"product"
],
"url": "https://github.com/nextlevelbuilder/goclaw/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T09:46:15.000Z",
"value": "VulDB entry last update"
}
],
"title": "nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10217",
"datePublished": "2026-06-01T02:45:09.177Z",
"dateReserved": "2026-05-31T07:40:58.866Z",
"dateUpdated": "2026-06-01T14:57:27.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10218 (GCVE-0-2026-10218)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:00 – Updated: 2026-06-01 15:23
VLAI
Title
nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization
Summary
A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The project tagged the reported issue as bug.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367497 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367497/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10218 | third-party-advisory |
| https://vuldb.com/submit/821938 | third-party-advisory |
| https://github.com/nextlevelbuilder/goclaw/issues/1120 | exploitissue-tracking |
| https://github.com/nextlevelbuilder/goclaw/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextlevelbuilder | GoClaw |
Affected:
3.11.0
Affected: 3.11.1 Affected: 3.11.2 Affected: 3.11.3 cpe:2.3:a:nextlevelbuilder:goclaw:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10218",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T15:14:55.309056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T15:23:44.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:nextlevelbuilder:goclaw:*:*:*:*:*:*:*:*"
],
"product": "GoClaw",
"vendor": "nextlevelbuilder",
"versions": [
{
"status": "affected",
"version": "3.11.0"
},
{
"status": "affected",
"version": "3.11.1"
},
{
"status": "affected",
"version": "3.11.2"
},
{
"status": "affected",
"version": "3.11.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-b (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The project tagged the reported issue as bug."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:00:12.820Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367497 | nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367497"
},
{
"name": "VDB-367497 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367497/cti"
},
{
"name": "CVE-2026-10218 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10218"
},
{
"name": "Submit #821938 | nextlevelbuilder goclaw \u003c= v3.11.3 Improper Authorization (CWE-285)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/821938"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/nextlevelbuilder/goclaw/issues/1120"
},
{
"tags": [
"product"
],
"url": "https://github.com/nextlevelbuilder/goclaw/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T09:46:18.000Z",
"value": "VulDB entry last update"
}
],
"title": "nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10218",
"datePublished": "2026-06-01T03:00:12.820Z",
"dateReserved": "2026-05-31T07:41:01.502Z",
"dateUpdated": "2026-06-01T15:23:44.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10236 (GCVE-0-2026-10236)
Vulnerability from cvelistv5 – Published: 2026-06-01 07:30 – Updated: 2026-06-01 15:23 X_Freeware
VLAI
Title
SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization
Summary
A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367515 | vdb-entry |
| https://vuldb.com/vuln/367515/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10236 | third-party-advisory |
| https://vuldb.com/submit/823134 | third-party-advisory |
| https://github.com/renzortega1337/Security-Resear… | broken-linkexploit |
| https://www.sourcecodester.com/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SourceCodester | Water Billing Management System |
Affected:
1.0
cpe:2.3:a:sourcecodester:water_billing_management_system:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T15:04:00.299971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T15:23:25.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:sourcecodester:water_billing_management_system:*:*:*:*:*:*:*:*"
],
"modules": [
"User Management Endpoint"
],
"product": "Water Billing Management System",
"vendor": "SourceCodester",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "renzortega1337 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T07:30:10.116Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367515 | SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/367515"
},
{
"name": "VDB-367515 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367515/cti"
},
{
"name": "CVE-2026-10236 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10236"
},
{
"name": "Submit #823134 | SourceCodester Water Billing Management System in PHP/OOP Free Source Code 1.0 Authorization Bypass",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/823134"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/renzortega1337/Security-Research-/blob/main/Unauthenticated%20Admin%20Creation%20in%20PHP%20System.md"
},
{
"tags": [
"product"
],
"url": "https://www.sourcecodester.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T10:29:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10236",
"datePublished": "2026-06-01T07:30:10.116Z",
"dateReserved": "2026-05-31T08:23:59.618Z",
"dateUpdated": "2026-06-01T15:23:25.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10255 (GCVE-0-2026-10255)
Vulnerability from cvelistv5 – Published: 2026-06-01 12:00 – Updated: 2026-06-01 14:58 X_Freeware
VLAI
Title
SourceCodester Pharmacy Sales and Inventory System ShowForm.php sell_statement access control
Summary
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell_statement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367533 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367533/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10255 | third-party-advisory |
| https://vuldb.com/submit/824148 | third-party-advisory |
| https://github.com/timeflies123/cve/issues/7 | exploitissue-tracking |
| https://www.sourcecodester.com/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SourceCodester | Pharmacy Sales and Inventory System |
Affected:
1.0
cpe:2.3:a:sourcecodester:pharmacy_sales_and_inventory_system:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10255",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T14:56:39.947916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T14:58:07.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:sourcecodester:pharmacy_sales_and_inventory_system:*:*:*:*:*:*:*:*"
],
"product": "Pharmacy Sales and Inventory System",
"vendor": "SourceCodester",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "timeflies (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell_statement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T12:00:07.625Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367533 | SourceCodester Pharmacy Sales and Inventory System ShowForm.php sell_statement access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367533"
},
{
"name": "VDB-367533 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367533/cti"
},
{
"name": "CVE-2026-10255 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10255"
},
{
"name": "Submit #824148 | SourceCodester Pharmacy Sales and Inventory System 1.0 Information Disclosure",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/824148"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/timeflies123/cve/issues/7"
},
{
"tags": [
"product"
],
"url": "https://www.sourcecodester.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T14:37:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "SourceCodester Pharmacy Sales and Inventory System ShowForm.php sell_statement access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10255",
"datePublished": "2026-06-01T12:00:07.625Z",
"dateReserved": "2026-05-31T12:32:01.559Z",
"dateUpdated": "2026-06-01T14:58:07.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.