6.3
CVE-2026-5022 - Langflow - Missing Authorization on download_image Endpoint
The '/api/v1/files/images/{flow_id}/{file_name}' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated user to download images belonging to any flow by knowing (or guessing) the flow ID and file name.
5.3
CVE-2026-33766 - AVideo has SSRF Protection Bypass via HTTP Redirect in Image Download Endpoints
WWBN AVideo is an open source video platform. In versions up to and including 26.0, `isSSRFSafeURL()` validates URLs against private/reserved IP ranges before fetching, but `url_get_contents()` follows HTTP redirects without re-validating the redirect target. An attacker can bypass SSRF protection …
4.3
CVE-2026-33764 - AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's `save.json.php` endpoint loads AI response objects using an attacker-controlled `$_REQUEST['id']` parameter without validating that the AI response belongs to the specified video. An authenticated us…
6.5
CVE-2026-27879 - Query resampling can cause unbounded memory allocations
A resample query can be used to trigger out-of-memory crashes in Grafana.
6.5
CVE-2026-28375 - Grafana Testdata datasource can issue unbounded memory allocations
A testdata data-source can be used to trigger out-of-memory crashes in Grafana.
5.3
CVE-2026-33763 - AVideo has an Unauthenticated Video Password Brute-Force Vulnerability via Unrate-Limited Boolean O…
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `get_api_video_password_is_correct` API endpoint allows any unauthenticated user to verify whether a given password is correct for any password-protected video. The endpoint returns a boolean `passwordIsCorrect`…
9.1
CVE-2026-27876 - RCE on Grafana via sqlExpressions
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the sqlE…
5.3
CVE-2026-33761 - AVideo: Unauthenticated Access to Scheduler Plugin Endpoints Leaks Scheduled Tasks, Email Content, …
WWBN AVideo is an open source video platform. In versions up to and including 26.0, three `list.json.php` endpoints in the Scheduler plugin lack any authentication check, while every other endpoint in the same plugin directories (`add.json.php`, `delete.json.php`, `index.php`) requires `User::isAdm…
5.3
CVE-2026-33759 - AVideo: Unauthenticated IDOR in playlistsVideos.json.php Exposes Private Playlist Contents
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `objects/playlistsVideos.json.php` endpoint returns the full video contents of any playlist by ID without any authentication or authorization check. Private playlists (including `watch_later` and `favorite` type…
9.3
CVE-2026-1496 - Coverity CLI Authentication Bypass
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a speciall…