Known Vulnerabilities for Mass Pay by Paypal
Listed below are 1 of the newest known vulnerabilities associated with "Mass Pay" by "Paypal".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56774 json | Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id paramete... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-56276 json | Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated user... | Not Provided | 2026-06-20 | 2026-06-22 |
| CVE-2026-54361 json | MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, a... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-54360 json | A mass assignment vulnerability exists in MISP’s sharing group creation endpoint. When creating a new sharing group, the co... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-54351 json | Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessibl... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-54329 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the Accessories API create path mass-assigns request param... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-53911 json | Cerebrate before version 1.37 allowed the id primary key field to be supplied through request input during CRUD edit operatio... | Not Provided | 2026-06-11 | 2026-06-11 |
| CVE-2026-53901 json | Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add() handler attemp... | Not Provided | 2026-06-11 | 2026-06-11 |
| CVE-2026-50281 json | Craft CMS is a content management system (CMS). Versions 5.7.0 and above, prior to 5.9.21 contain a mass-assignment flaw in t... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-50160 json | Hoppscotch is an API development ecosystem. In self-hosted deployments of hoppscotch-backend from version 2026.4.1 and earlie... | Not Provided | 2026-07-01 | 2026-07-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Paypal | Mass Pay | - |