Known Vulnerabilities for Rest by Plone
Listed below are 1 of the newest known vulnerabilities associated with "Rest" by "Plone".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58376 json | Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users ... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-58319 json | Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attac... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-57952 json | Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook,... | Not Provided | 2026-06-29 | 2026-06-29 |
| CVE-2026-57920 json | Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /re... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-57480 json | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-57111 json | Permissive Cross-Origin Resource Sharing (CORS) in the REST API (helix-rest, org.apache.helix.rest.server.filters.CORSFilter)... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-56773 json | Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass auth... | Not Provided | 2026-06-26 | 2026-06-27 |
| CVE-2026-56422 json | Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys (id) an... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-56348 json | n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-56337 json | Capgo before 12.128.2 contains an information disclosure vulnerability in the public.exist_app_v2 RPC function that allows un... | Not Provided | 2026-06-24 | 2026-06-24 |