
CWE-639 (Authorization Bypass Through User-Controlled Key) — Vulnerability Class 1038

1038 vulnerabilities classified as CWE-639 (Authorization Bypass Through User-Controlled Key). AI Chinese analysis included.

| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-4958 | OpenBMB XAgent WebSocket Endpoint replayer.py ReplayServer.send_data authorization | XAgent | 3.1 | Low | 2026-03-27 |
| CVE-2026-33764 | AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions | AVideo | 4.3 | Medium | 2026-03-27 |
| CVE-2026-1496 | Coverity CLI Authentication Bypass | Coverity | 9.8 | - | 2026-03-27 |
| CVE-2026-33730 | Open Source Point of Sale has an IDOR in Password Change (Home) | opensourcepos | 6.5 | Medium | 2026-03-27 |
| CVE-2026-29071 | Open WebUI's Insecure Direct Object Reference (IDOR) allows access to other users' memories | open-webui | 3.1 | Low | 2026-03-26 |
| CVE-2026-28788 | Open WebUI's process_files_batch() endpoint missing ownership check, allows unauthorized file overwrite | open-webui | 7.1 | High | 2026-03-26 |
| CVE-2026-28503 | Tandoor Recipes has Cross-Space IDOR in SyncViewSet.query_synced_folder: missing space scoping on get_object_or_404 | recipes | 6.5 | - | 2026-03-26 |
| CVE-2026-1206 | Elementor Website Builder <= 3.35.7 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template | Elementor Website Builder – more than just a page builder | 4.3 | Medium | 2026-03-26 |
| CVE-2026-34055 | OpenEMR has IDOR in Patient Notes Web UI allows unauthorized note access/modification | openemr | 8.1 | High | 2026-03-25 |
| CVE-2026-33934 | OpenEMR's Missing Authorization in show-signature.php Allows Portal Patients to Read Staff Signatures | openemr | 4.3 | Medium | 2026-03-25 |
| CVE-2026-33931 | OpenEMR has IDOR in Portal Payment Page that Allows Cross-Patient Record Access | openemr | 6.5 | Medium | 2026-03-25 |
| CVE-2026-32120 | OpenEMR has IDOR in Fee Sheet Product Save | openemr | 6.5 | Medium | 2026-03-25 |
| CVE-2025-14974 | IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference | InfoSphere Information Server | 5.7 | Medium | 2026-03-25 |
| CVE-2026-33724 | n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no | n8n | 6.5 | - | 2026-03-25 |
| CVE-2026-33663 | n8n Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition | n8n | 6.5 | - | 2026-03-25 |
| CVE-2026-2414 | HYPR Server Security Vulnerability | Server | 8.8 | - | 2026-03-25 |
| CVE-2026-32533 | WordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerability | LatePoint | 8.2 | - | 2026-03-25 |
| CVE-2026-32535 | WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability | JS Help Desk | 9.1 | - | 2026-03-25 |
| CVE-2025-69347 | WordPress WPSubscription plugin <= 1.8.10 - Insecure Direct Object References (IDOR) vulnerability | WPSubscription | 8.6 | High | 2026-03-25 |
| CVE-2026-33345 | solidtime vulnerable to IDOR in private projects | solidtime | 6.5 | Medium | 2026-03-24 |
| CVE-2026-33511 | pyload-ng: Authentication Bypass via Host Header Injection in ClickNLoad | pyload | 8.2 | - | 2026-03-24 |
| CVE-2026-33160 | Craft CMS: Anonymous "generate transform" calls for assets can expose private assets via transform URL | cms | 5.3 | - | 2026-03-24 |
| CVE-2026-33158 | Craft CMS: Low-privilege users could read private asset contents when editing an asset (IDOR) | cms | 4.3 | - | 2026-03-24 |
| CVE-2026-33700 | Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion | vikunja | 2.7 | - | 2026-03-24 |
| CVE-2026-33678 | Vikunja has IDOR in Task Attachment ReadOne Allows Cross-Project File Access and Deletion | vikunja | 8.1 | High | 2026-03-24 |
| CVE-2026-33313 | Vikunja has an IDOR in Task Comments Allows Reading Arbitrary Comments | vikunja | 4.3 | - | 2026-03-24 |
| CVE-2026-23488 | Blinko: multiple interfaces in the comment feature allow unauthorized access | blinko | 5.3 | - | 2026-03-23 |
| CVE-2026-23487 | Blinko: IDOR - user.detail Endpoint Leaks Superadmin Token | blinko | 8.1 | - | 2026-03-23 |
| CVE-2026-30886 | New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check | new-api | 6.5 | Medium | 2026-03-23 |
| CVE-2026-33297 | AVideo has an IDOR - Any Admin Can Set Another User's Channel Password via setPassword.json.php | AVideo | 9.1 | - | 2026-03-23 |

Vulnerabilities classified as CWE-639 (Authorization Bypass Through User-Controlled Key) represent 1038 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.