CVE-2026-55472: CWE-863: Incorrect Authorization in grokability snipe-it
Snipe-IT versions prior to 8.6.2 have an incorrect authorization vulnerability when Full Multiple Companies Support and scope_locations_fmcs are enabled. The API location creation endpoint detects a…
Read the full articleYou might also wanna read

CVE-2026-11462: Improper Authorization Vulnerability in BeikeShop Stripe Plugin (Up to v1.6.0.22)
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file p

WAF - WAF Release - 2026-04-15
This week's release introduces a new detection for a critical Remote Code Execution (RCE) vulnerability in Mesop (CVE-2026-33057), alongside
Analysis of CVE-2025-14986: Temporal's Masked Namespace Vulnerability Enabling Cross-Tenant Security Bypass
A deep dive into CVE-2025-14986, a masked namespace vulnerability in Temporal that enabled cross-tenant policy and schema confusion via bund
Broadcom Discloses Three Stored XSS Vulnerabilities in VMware Cloud Foundation Operations
Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several rela
cybersecuritynews.com·1mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.