Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0012 |
2.1 (4.0)
|
Authentication Error Message Allows Email Address Enum… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:21:34.411344Z | 2026-02-04T19:21:34.411344Z |
| GCVE-1-2026-0013 |
2.1 (4.0)
|
Flask Application Username Route Collision Allows Rese… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:27:00.000Z | 2026-02-04T19:32:49.787763Z |
| GCVE-1-2025-0019 |
4 (4.0)
|
Path traversal vulnerability in EventReport for site-admin |
misp |
misp |
2025-11-26T14:47:00.000Z | 2025-11-28T07:27:42.721350Z |
| GCVE-1-2025-0007 |
4.5 (4.0)
|
Missing email validation on user management |
CIRCL |
vulnerability-lookup |
2025-10-13T08:37:00.000Z | 2025-10-13T08:51:37.408861Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Ad… |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |
| GCVE-1-2026-0034 |
5.1 (4.0)
|
CSP Report Endpoint Log Flooding via Incorrect Size Limit |
misp |
misp |
2026-05-20T18:15:00.000Z | 2026-05-20T18:42:33.806971Z |
| GCVE-1-2026-20027 |
5.1 (4.0)
|
Cerebrate self-registration password hash exposure via… |
cerebrate |
cerebrate |
2026-06-11T10:02:42.624185Z | 2026-06-11T10:02:55.904460Z |
| GCVE-1-2026-20036 |
5.1 (4.0)
|
MISP Overmind theme stored XSS via unvalidated homepag… |
misp |
misp |
2026-06-12T20:16:32.896814Z | 2026-06-12T20:21:32.310190Z |
| GCVE-1-2026-20047 |
5.1 (4.0)
|
MISP Event template importer authorization bypass |
misp |
misp |
2026-06-04T13:03:38.630862Z | 2026-06-04T13:05:56.422493Z |
| GCVE-1-2026-20083 |
5.1 (4.0)
|
MISP post-login open redirect via pre_login_requested_url |
misp |
misp |
2026-06-04T13:24:46.311258Z | 2026-06-04T13:26:10.929321Z |
| GCVE-1-2026-20084 |
5.1 (4.0)
|
MISP improper authorization allows organization admini… |
misp |
misp |
2026-06-12T19:25:13.040008Z | 2026-06-12T19:25:24.661452Z |
| GCVE-1-2026-20101 |
5.1 (4.0)
|
Open redirect in MISP dashboard button widget URL handling |
misp |
misp |
2026-06-04T13:15:07.059298Z | 2026-06-04T13:17:44.483681Z |
| GCVE-1-2026-20131 |
5.1 (4.0)
|
AIL Framework - Missing Rate Limiting Enables Brute-Fo… |
ail project |
ail framework |
2026-06-22T13:02:18.669480Z | 2026-06-22T13:02:27.300718Z |
| GCVE-1-2025-0001 |
5.3 (4.0)
|
The absence of a password confirmation step when deact… |
CIRCL |
Vulnerability-Lookup |
2025-05-27T08:58:00.000Z | 2025-05-30T14:27:56.273945Z |
| GCVE-1-2026-20004 |
5.3 (4.0)
|
MISP importModule missing authorization allows read-on… |
misp |
misp |
2026-07-08T13:29:57.644210Z | 2026-07-08T13:30:08.436075Z |
| GCVE-1-2026-20008 |
5.3 (4.0)
|
MISP template builder exposes non-visible custom galax… |
misp |
misp |
2026-06-12T20:06:54.852957Z | 2026-06-12T20:07:09.547667Z |
| GCVE-1-2026-20030 |
5.3 (4.0)
|
MISP UiBeta event index reflected XSS in advanced filt… |
misp |
misp |
2026-06-12T20:34:00.000Z | 2026-06-12T20:35:57.600048Z |
| GCVE-1-2026-20044 |
5.3 (4.0)
|
MISP AuthKey edit endpoint allows authenticated user e… |
misp |
misp |
2026-06-12T20:45:00.000Z | 2026-06-12T20:47:57.970104Z |
| GCVE-1-2026-20066 |
5.3 (4.0)
|
Unauthorized exposure of private galaxies in MISP even… |
misp |
misp |
2026-06-04T12:50:00.000Z | 2026-06-04T12:55:19.417449Z |
| GCVE-1-2026-20069 |
5.3 (4.0)
|
MISP Dashboard widget field selection may expose restr… |
misp |
misp |
2026-06-04T13:52:44.451016Z | 2026-06-04T13:53:15.203048Z |
| GCVE-1-2026-20070 |
5.3 (4.0)
|
MISP object edit authorization bypass allows unauthori… |
misp |
misp |
2026-06-12T21:07:14.650450Z | 2026-06-12T21:08:11.190809Z |
| GCVE-1-2026-20112 |
5.3 (4.0)
|
importModule function in MISP ignores per-organisation… |
misp |
misp |
2026-07-08T13:36:15.651888Z | 2026-07-08T13:36:48.095956Z |
| GCVE-1-2026-20114 |
5.3 (4.0)
|
Authenticated Path Traversal in AIL framework /objects… |
ail-project |
ail-framework |
2026-06-19T08:03:34.981330Z | 2026-06-19T08:03:52.099550Z |
| GCVE-1-2026-20123 |
5.3 (4.0)
|
MISP organisation logo path traversal allows retrieval… |
misp |
misp |
2026-06-12T20:30:07.276457Z | 2026-06-12T20:30:17.372737Z |
| GCVE-1-2026-0027 |
5.8 (4.0)
|
Unsafe remote resource fetching in expansion misp-modules |
misp |
misp-modules |
2026-04-29T12:05:00.000Z | 2026-05-06T16:03:40.556833Z |
| GCVE-1-2025-0016 |
6 (4.0)
|
Local file inclusion in [ImportFromUrl() URL hand… |
misp |
misp |
2025-11-04T09:20:00.000Z | 2025-11-04T09:56:38.383646Z |
| GCVE-1-2026-0033 |
6 (4.0)
|
MISP OIDC authentication bypass via automatic email-ba… |
misp |
misp |
2026-05-20T14:22:00.000Z | 2026-05-20T15:11:36.782113Z |
| GCVE-1-2026-20124 |
6.1 (4.0)
|
MISP event editing allows unauthorized assignment to u… |
misp |
misp |
2026-06-12T20:55:35.673197Z | 2026-06-12T20:55:46.810996Z |
| GCVE-1-2025-0030 |
6.2 (4.0)
|
A cross-site scripting (XSS) vulnerability in the MISP… |
misp |
misp |
2025-12-03T10:53:00.000Z | 2025-12-03T10:58:55.845341Z |
| GCVE-1-2026-20001 |
6.2 (4.0)
|
FlowIntel external reference URL probe allows server-s… |
flowintel |
flowintel |
2026-05-28T09:24:00.000Z | 2026-05-28T09:28:16.686697Z |