Posts of last 24 hours
A vulnerability has been found in Eleveo Call Recording Software 9.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization.
This vulnerability appears as CVE-2026-15377. The attack may be initiated remotely. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.
https://vuldb.com/vuln/377444
A vulnerability, which was classified as critical, was found in Eleveo Call Recording Software 9.7.0. Affected is an unknown function of the file /callrec/statisticReportAction.do. The manipulation results in improper authorization.
This vulnerability is reported as CVE-2026-15376. The attack can be launched remotely. Moreover, an exploit is present.
The vendor was contacted early about this disclosure but did not respond in any way.
https://vuldb.com/vuln/377443
A vulnerability, which was classified as problematic, has been found in Eleveo Call Recording Software 9.7.0. This impacts an unknown function of the file /callrec/users_ldap.jsp of the component LDAP User Interface. The manipulation leads to improper authorization.
This vulnerability is documented as CVE-2026-15375. The attack can be initiated remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.
https://vuldb.com/vuln/377442
A vulnerability classified as critical was found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization.
This vulnerability is registered as CVE-2026-15374. It is possible to launch the attack remotely. Furthermore, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.
https://vuldb.com/vuln/377441
A vulnerability classified as critical has been found in Eleveo Call Recording Software 9.7.0. The impacted element is an unknown function of the file /callrec/userAddAction.do. Performing a manipulation of the argument role results in improper authorization.
This vulnerability is cataloged as CVE-2026-15373. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
https://vuldb.com/vuln/377440
作者: Michele Guida, Ruslan Shikhhamzayev, Sindhuja Penchala, Stefano Iannucci, Jiacheng Li, Shahram Rahimi, Noorbakhsh Amiri Golilarz 原文链接:https://arxiv.org/pdf/2607.01277v1 摘要—大型语言模型(LLM)可能通过多轮策略被诱导生成...
https://paper.seebug.org/3499
Submit #797462 / VDB-377444
https://vuldb.com/submit/797462
Submit #797461 / VDB-377443
https://vuldb.com/submit/797461
Submit #797459 / VDB-377442
https://vuldb.com/submit/797459
Submit #797458 / VDB-377441
https://vuldb.com/submit/797458