CVE ID :CVE-2026-46622 Published : June 11, 2026, 8:16 p.m. | 48 minutes ago Description :SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to authenticate all REST API requests are stored as plaintext strings in the api_tokens database table. Any...

#Sicherheitslücke #Databreach

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-46622 - SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach

VERWANDTEARTIKEL

Maine breach portal abused to publish fake data breach disclosures

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

CVE-2026-49973 - Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

CVE-2026-46489 - SolidInvoice: Unrestricted file upload with no MIME validation allows stored XSS via malicious SVG logo

CVE-2026-45175 - Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes

CVE-2026-53819 - OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override