CVE-2026-55515: CWE-639: Authorization Bypass Through User-Controlled Key in grokability snipe-it
Snipe-IT versions prior to 8.6.2 contain an authorization bypass vulnerability in the unaccepted-assets report delete endpoint. This flaw allows a user with reports.view permission in one company to…
Read the full article10h agoen
You might also wanna read
CVE-2026-6803: CWE-862 Missing Authorization in wupsales AI Copilot – Content Generator
radar.offseq.com·1h ago
CVE-2026-9738: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in printfriendly Print, PDF & Email by PrintFriendly
radar.offseq.com·1h ago
CVE-2026-3552: CWE-862 Missing Authorization in surflabtech SurfLink – Link Manager & Backup Restore
radar.offseq.com·1h ago
CVE-2026-7620: CWE-862 Missing Authorization in rainafarai Notification for Telegram
radar.offseq.com·1h ago
CVE-2026-7559: CWE-862 Missing Authorization in redefiningtheweb Affiliate Program & Referral Tracking for WooCommerce & WordPress – Affilia
radar.offseq.com·1h ago
CVE-2026-6804: CWE-862 Missing Authorization in wupsales AI Copilot – Content Generator
radar.offseq.com·1h ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.