Known Vulnerabilities for Create by Mediavine
Listed below are 3 of the newest known vulnerabilities associated with "Create" by "Mediavine".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59097 json | Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create def... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-59093 json | Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by t... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-58656 json | Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-A... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-58653 json | PraisonAI before 0.1.7 fails to validate that project_id in issue create and update request bodies belongs to the URL workspa... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-58579 json | RAGFlow before 0.26.3 stores an agent pipeline (DSL) node name without sanitization: the agent update endpoint normalizes the... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-58377 json | JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perfo... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-58165 json | OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-58053 json | Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job... | Not Provided | 2026-06-28 | 2026-06-30 |
| CVE-2026-57960 json | Hi.Events through 1.9.0 public check-in list endpoints use short_id as sole access control, allowing unauthenticated access t... | Not Provided | 2026-06-29 | 2026-06-30 |
| CVE-2026-57953 json | Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perfo... | Not Provided | 2026-06-29 | 2026-06-29 |