CVE-2026-59509 - Unauthenticated arbitrary MongoDB collection read in cve-search
CVE ID :CVE-2026-59509 Published : July 5, 2026, 12:02 p.m. | 1 hour, 12 minutes ago Description :An unauthenticated improper input validation vulnerability in the POST /fetch_cve_data endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB...