CVE-2026-55516: CWE-639: Authorization Bypass Through User-Controlled Key in grokability snipe-it
Snipe-IT versions prior to 8.6.2 contain an authorization bypass vulnerability in the PATCH or PUT /api/v1/maintenances/{maintenance_id} endpoint. The system checks access to the current maintenance…
Read the full article3h agoen


Comments
Sign in to join the conversation.
No comments yet. Be the first.