B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (3.1)

CVE-2026-49973 - Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

CVE ID :CVE-2026-49973 Published : June 11, 2026, 8:16 p.m. | 48 minutes ago Description :Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the _set_password parameter to...

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

2026-06-11 Kritisch

CVE-2026-46489 - SolidInvoice: Unrestricted file upload with no MIME validation allows stored XSS via malicious SVG logo

2026-06-11 Mittel

CVE-2026-46622 - SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach

2026-06-11 Mittel

CVE-2026-45175 - Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes

2026-06-11 Mittel

CVE-2026-53819 - OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override

2026-06-11 Mittel

CVE-2026-53817 - OpenClaw < 2026.5.22 - Control UI Locality Spoofing in Device Pairing

2026-06-11 Mittel