CVE ID :CVE-2026-56345 Published : June 20, 2026, 6:27 p.m. | 6 hours, 42 minutes ago Description :AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin’s uploadRecordedVideo.json.php endpoint that derives the…
CVE-2026-56341 – AVideo – Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php
CVE ID :CVE-2026-56341 Published : June 20, 2026, 6:27 p.m. | 6 hours, 42 minutes ago Description :AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal…
CVE-2026-56340 – vLLM – Denial of Service via Unvalidated Multimodal Embeddings
CVE ID :CVE-2026-56340 Published : June 20, 2026, 6:27 p.m. | 6 hours, 42 minutes ago Description :vLLM versions >= 0.10.2 and Severity: 8.8 | HIGH Visit the link for more details, such as…
CVE-2026-5366 – Git Argument Injection in prefecthq/prefect
CVE ID :CVE-2026-5366 Published : June 20, 2026, 4:43 p.m. | 8 hours, 26 minutes ago Description :Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in…
CVE-2024-58351 – Flowise – Remote Code Execution via overrideConfig Parameter
CVE ID :CVE-2024-58351 Published : June 20, 2026, 3:21 p.m. | 9 hours, 48 minutes ago Description :Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option,…
CVE-2026-56216 – Capgo – Scope Escalation via API Key Creation in /functions/v1/apikey
CVE ID :CVE-2026-56216 Published : June 20, 2026, 12:14 a.m. | 55 minutes ago Description :Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys…
CVE-2026-56215 – Capgo – Account Merge via Poisoned public.users.email in SSO Provisioning
CVE ID :CVE-2026-56215 Published : June 20, 2026, 12:14 a.m. | 55 minutes ago Description :Capgo before 12.128.12 allows authenticated users to modify their mutable public.users.email to arbitrary addresses, which the SSO provisioning…
CVE-2026-56214 – Capgo – Unauthenticated Organization Enumeration and Billing Status Disclosure via Supabase RPC
CVE ID :CVE-2026-56214 Published : June 20, 2026, 12:14 a.m. | 55 minutes ago Description :Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints is_trial_org and is_paying_org that allows…
CVE-2026-56081 – Cap-go – Account Lockout via 2FA Misconfiguration on Unverified Email
CVE ID :CVE-2026-56081 Published : June 19, 2026, 9:39 p.m. | 3 hours, 30 minutes ago Description :Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account…
CVE-2026-56073 – Cap-go – OTP Bypass via Response Manipulation in Email Verification
CVE ID :CVE-2026-56073 Published : June 19, 2026, 9:39 p.m. | 3 hours, 30 minutes ago Description :Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email…