Vulnerabilities

Recent vulnerabilities

Recent vulnerabilities from 🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.

GNA-1 (CIRCL)

Recent vulnerabilities · 116 entries
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enum… vulnerability-lookup
vulnerability-lookup
2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Rese… vulnerability-lookup
vulnerability-lookup
2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2025-0019
4 (4.0)
Path traversal vulnerability in EventReport for site-admin misp
misp
2025-11-26T14:47:00.000Z 2025-11-28T07:27:42.721350Z
GCVE-1-2025-0007
4.5 (4.0)
Missing email validation on user management CIRCL
vulnerability-lookup
2025-10-13T08:37:00.000Z 2025-10-13T08:51:37.408861Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
misp
2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2026-0034
5.1 (4.0)
CSP Report Endpoint Log Flooding via Incorrect Size Limit misp
misp
2026-05-20T18:15:00.000Z 2026-05-20T18:42:33.806971Z
GCVE-1-2026-20027
5.1 (4.0)
Cerebrate self-registration password hash exposure via… cerebrate
cerebrate
2026-06-11T10:02:42.624185Z 2026-06-11T10:02:55.904460Z
GCVE-1-2026-20036
5.1 (4.0)
MISP Overmind theme stored XSS via unvalidated homepag… misp
misp
2026-06-12T20:16:32.896814Z 2026-06-12T20:21:32.310190Z
GCVE-1-2026-20047
5.1 (4.0)
MISP Event template importer authorization bypass misp
misp
2026-06-04T13:03:38.630862Z 2026-06-04T13:05:56.422493Z
GCVE-1-2026-20083
5.1 (4.0)
MISP post-login open redirect via pre_login_requested_url misp
misp
2026-06-04T13:24:46.311258Z 2026-06-04T13:26:10.929321Z
GCVE-1-2026-20084
5.1 (4.0)
MISP improper authorization allows organization admini… misp
misp
2026-06-12T19:25:13.040008Z 2026-06-12T19:25:24.661452Z
GCVE-1-2026-20101
5.1 (4.0)
Open redirect in MISP dashboard button widget URL handling misp
misp
2026-06-04T13:15:07.059298Z 2026-06-04T13:17:44.483681Z
GCVE-1-2026-20131
5.1 (4.0)
AIL Framework - Missing Rate Limiting Enables Brute-Fo… ail project
ail framework
2026-06-22T13:02:18.669480Z 2026-06-22T13:02:27.300718Z
GCVE-1-2025-0001
5.3 (4.0)
The absence of a password confirmation step when deact… CIRCL
Vulnerability-Lookup
2025-05-27T08:58:00.000Z 2025-05-30T14:27:56.273945Z
GCVE-1-2026-20004
5.3 (4.0)
MISP importModule missing authorization allows read-on… misp
misp
2026-07-08T13:29:57.644210Z 2026-07-08T13:30:08.436075Z
GCVE-1-2026-20008
5.3 (4.0)
MISP template builder exposes non-visible custom galax… misp
misp
2026-06-12T20:06:54.852957Z 2026-06-12T20:07:09.547667Z
GCVE-1-2026-20030
5.3 (4.0)
MISP UiBeta event index reflected XSS in advanced filt… misp
misp
2026-06-12T20:34:00.000Z 2026-06-12T20:35:57.600048Z
GCVE-1-2026-20044
5.3 (4.0)
MISP AuthKey edit endpoint allows authenticated user e… misp
misp
2026-06-12T20:45:00.000Z 2026-06-12T20:47:57.970104Z
GCVE-1-2026-20066
5.3 (4.0)
Unauthorized exposure of private galaxies in MISP even… misp
misp
2026-06-04T12:50:00.000Z 2026-06-04T12:55:19.417449Z
GCVE-1-2026-20069
5.3 (4.0)
MISP Dashboard widget field selection may expose restr… misp
misp
2026-06-04T13:52:44.451016Z 2026-06-04T13:53:15.203048Z
GCVE-1-2026-20070
5.3 (4.0)
MISP object edit authorization bypass allows unauthori… misp
misp
2026-06-12T21:07:14.650450Z 2026-06-12T21:08:11.190809Z
GCVE-1-2026-20112
5.3 (4.0)
importModule function in MISP ignores per-organisation… misp
misp
2026-07-08T13:36:15.651888Z 2026-07-08T13:36:48.095956Z
GCVE-1-2026-20114
5.3 (4.0)
Authenticated Path Traversal in AIL framework /objects… ail-project
ail-framework
2026-06-19T08:03:34.981330Z 2026-06-19T08:03:52.099550Z
GCVE-1-2026-20123
5.3 (4.0)
MISP organisation logo path traversal allows retrieval… misp
misp
2026-06-12T20:30:07.276457Z 2026-06-12T20:30:17.372737Z
GCVE-1-2026-0027
5.8 (4.0)
Unsafe remote resource fetching in expansion misp-modules misp
misp-modules
2026-04-29T12:05:00.000Z 2026-05-06T16:03:40.556833Z
GCVE-1-2025-0016
6 (4.0)
Local file inclusion in [ImportFromUrl() URL hand… misp
misp
2025-11-04T09:20:00.000Z 2025-11-04T09:56:38.383646Z
GCVE-1-2026-0033
6 (4.0)
MISP OIDC authentication bypass via automatic email-ba… misp
misp
2026-05-20T14:22:00.000Z 2026-05-20T15:11:36.782113Z
GCVE-1-2026-20124
6.1 (4.0)
MISP event editing allows unauthorized assignment to u… misp
misp
2026-06-12T20:55:35.673197Z 2026-06-12T20:55:46.810996Z
GCVE-1-2025-0030
6.2 (4.0)
A cross-site scripting (XSS) vulnerability in the MISP… misp
misp
2025-12-03T10:53:00.000Z 2025-12-03T10:58:55.845341Z
GCVE-1-2026-20001
6.2 (4.0)
FlowIntel external reference URL probe allows server-s… flowintel
flowintel
2026-05-28T09:24:00.000Z 2026-05-28T09:28:16.686697Z