CVE-2026-55478: CWE-639: Authorization Bypass Through User-Controlled Key in grokability snipe-it
Snipe-IT versions prior to 8.6.2 contain an authorization bypass vulnerability in the API endpoint POST /api/v1/kits/{kit_id}/licenses. The system checks if the caller can edit kits but fails to…
Read the full article3h agoen
You might also wanna read

CVE-2026-56073: Authentication Bypass Vulnerability in Cap-go OTP Verification
Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verificatio
API authentication vulnerability found in Snyk Kubernetes integration (CVE-2023-1065)
CVE-2023-1065 is a medium severity vulnerability that does not expose the user of the integration to any direct security risk and no user da
Snyk·3y ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.