CVE-2026-55476: CWE-862: Missing Authorization in grokability snipe-it
Snipe-IT versions prior to 8.6.0 contain a missing authorization vulnerability in the POST /account/request/{itemType}/{itemId}/{cancel_by_admin?}/{requestingUser?} endpoint. This flaw allows an…
Read the full article3h agoen
You might also wanna read
No Manners Here: The Ruthless Rise of The Gentlemen Ransomware
radar.offseq.com·28m ago
CVE-2026-58591: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Colorbox
radar.offseq.com·36m ago
CVE-2026-58588: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Drupal Canvas
radar.offseq.com·36m ago
CVE-2026-59155: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in nezhahq nezha
radar.offseq.com·36m ago
CVE-2026-58587: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal Drupal Canvas
radar.offseq.com·36m ago
CVE-2026-55806: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Drupal Drupal core
radar.offseq.com·36m ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.