Common Weakness Enumeration

CWE-639

Allowed

Authorization Bypass Through User-Controlled Key

Abstraction: Base · Status: Incomplete

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

3258 vulnerabilities reference this CWE, most recent first.

GHSA-PJ5G-V5V3-3C22

Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2025-01-31 12:33
VLAI
Details

In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the necessary permissions or being assigned to the project. This issue allows for unauthorized modification of project names, potentially leading to confusion or unauthorized access to project resources.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4154"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639",
      "CWE-821"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T18:15:09Z",
    "severity": "HIGH"
  },
  "details": "In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project\u0027s endpoint with a new name for a project, despite not having the necessary permissions or being assigned to the project. This issue allows for unauthorized modification of project names, potentially leading to confusion or unauthorized access to project resources.",
  "id": "GHSA-pj5g-v5v3-3c22",
  "modified": "2025-01-31T12:33:01Z",
  "published": "2024-05-21T18:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4154"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lunary-ai/lunary/commit/c43b6c62035f32ca455f66d5fd22ba661648cde7"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/e56509af-f7af-4e1e-a04b-9cb53545f30f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJ87-HX3M-256X

Vulnerability from github – Published: 2025-01-11 09:30 – Updated: 2025-01-11 09:30
VLAI
Details

The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-11915"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-11T08:15:24Z",
    "severity": "MODERATE"
  },
  "details": "The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.",
  "id": "GHSA-pj87-hx3m-256x",
  "modified": "2025-01-11T09:30:30Z",
  "published": "2025-01-11T09:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11915"
    },
    {
      "type": "WEB",
      "url": "https://wordpress.org/plugins/rrdevs-for-elementor"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f7e300f-06b5-4f59-9deb-9771bf86a204?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJFR-44XR-RRW5

Vulnerability from github – Published: 2026-07-01 06:31 – Updated: 2026-07-01 06:31
VLAI
Details

The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the Optimize_Rest_Controller's create_item(), get_item(), delete_item(), and bulk_delete_items() endpoints — authorization is checked via current_user_can('edit_post'/'delete_post', $post_id) against the user-supplied post_id, while the storage layer keys analysis records on sha256($post_path) from a separately supplied, attacker-controlled post_path parameter, with no enforcement that post_path corresponds to post_id. This makes it possible for authenticated attackers, with Contributor-level access and above, to read or delete optimizer analysis records belonging to posts owned by other users by submitting their own post_id (which passes the capability check) together with the victim post's path.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-12904"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-01T05:16:17Z",
    "severity": "MODERATE"
  },
  "details": "The Kadence Blocks \u2013 Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the Optimize_Rest_Controller\u0027s create_item(), get_item(), delete_item(), and bulk_delete_items() endpoints \u2014 authorization is checked via current_user_can(\u0027edit_post\u0027/\u0027delete_post\u0027, $post_id) against the user-supplied post_id, while the storage layer keys analysis records on sha256($post_path) from a separately supplied, attacker-controlled post_path parameter, with no enforcement that post_path corresponds to post_id. This makes it possible for authenticated attackers, with Contributor-level access and above, to read or delete optimizer analysis records belonging to posts owned by other users by submitting their own post_id (which passes the capability check) together with the victim post\u0027s path.",
  "id": "GHSA-pjfr-44xr-rrw5",
  "modified": "2026-07-01T06:31:34Z",
  "published": "2026-07-01T06:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12904"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Path/Path.php#L60"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L153"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L197"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L232"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L339"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L383"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L420"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L458"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Store/Table_Store.php#L96"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Path/Path.php#L60"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L153"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L197"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L232"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L339"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L383"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L420"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L458"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Store/Table_Store.php#L96"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3590217%40kadence-blocks\u0026new=3590217%40kadence-blocks\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24cdd50f-742c-457c-85f7-9cccaf366e87?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJH7-RCCM-X9QH

Vulnerability from github – Published: 2024-12-19 00:37 – Updated: 2024-12-26 21:30
VLAI
Details

An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-55506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-18T23:15:17Z",
    "severity": "HIGH"
  },
  "details": "An IDOR vulnerability in CodeAstro\u0027s Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.",
  "id": "GHSA-pjh7-rccm-x9qh",
  "modified": "2024-12-26T21:30:36Z",
  "published": "2024-12-19T00:37:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55506"
    },
    {
      "type": "WEB",
      "url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55506.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJHX-3C3W-9V23

Vulnerability from github – Published: 2026-07-10 14:32 – Updated: 2026-07-10 14:32
VLAI
Summary
API Platform Core vulnerable to cross-user attribute leak in JSON:API and HAL item normalizers due to missing isCacheKeySafe gate
Details

Impact

#[ApiProperty(security: ...)] is evaluated per request to decide whether a property is exposed. The componentsCache arrays in ApiPlatform\JsonApi\Serializer\ItemNormalizer and ApiPlatform\Hal\Serializer\ItemNormalizer are keyed on $context['cache_key'], which is set unconditionally before delegating to the parent normalizer. The component structure (attributes, relationships, links) computed for one request can therefore be reused for a subsequent request whose user has a different set of accessible properties. A user with lower privileges may end up seeing the structure of properties that the security predicate would otherwise have hidden for them.

This is the same vulnerability class as GHSA-428q-q3vv-3fq3 / CVE-2025-31485, which fixed only the GraphQL ItemNormalizer. The JSON:API and HAL paths were not addressed at the time.

Exploitation conditions

Exploitation requires all of the following to coincide:

  • The application exposes a resource via the JSON:API and/or HAL formats.
  • At least one property of that resource uses #[ApiProperty(security: ...)] with a predicate whose result depends on the current user (or on per-request state).
  • A request from a user for whom the predicate evaluates to true populates componentsCache before a request from a user for whom the predicate evaluates to false, within the lifetime of the same PHP process.
  • The deployment uses a long-running PHP runtime that keeps the normalizer instance alive across requests (FrankenPHP worker mode, RoadRunner, Swoole, ReactPHP, etc.). With classic php-fpm workers the cache only survives the duration of a single request, which makes the issue much harder to observe in practice.

Patches

  • 4.1.29
  • 4.2.25
  • 4.3.8

All three branches receive patched releases of api-platform/core, api-platform/json-api, and api-platform/hal.

Workarounds

Override the JSON:API and HAL ItemNormalizer services to gate $context['cache_key'] with a resource-class security check, or avoid #[ApiProperty(security: ...)] on resources served as JSON:API or HAL until the patch is applied. Pinning the deployment to classic php-fpm workers also limits exposure since the cache does not survive across requests.

Credits

  • Tillmann Baumgart (@tillmon) — originally identified the broader cache-key gap and proposed moving isCacheKeySafe to AbstractItemNormalizer.
  • Antoine Bluchet (@soyuka) — extended the gate to JSON:API and HAL normalizers.
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "4.1.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0"
            },
            {
              "fixed": "4.2.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "4.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/json-api"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.1.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/json-api"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0"
            },
            {
              "fixed": "4.2.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/json-api"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "4.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/hal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.1.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/hal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0"
            },
            {
              "fixed": "4.2.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "api-platform/hal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "4.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-49858"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-524",
      "CWE-639"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-10T14:32:01Z",
    "nvd_published_at": "2026-07-01T20:17:10Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\n`#[ApiProperty(security: ...)]` is evaluated per request to decide whether a property is exposed. The `componentsCache` arrays in `ApiPlatform\\JsonApi\\Serializer\\ItemNormalizer` and `ApiPlatform\\Hal\\Serializer\\ItemNormalizer` are keyed on `$context[\u0027cache_key\u0027]`, which is set unconditionally before delegating to the parent normalizer. The component structure (attributes, relationships, links) computed for one request can therefore be reused for a subsequent request whose user has a different set of accessible properties. A user with lower privileges may end up seeing the structure of properties that the security predicate would otherwise have hidden for them.\n\nThis is the same vulnerability class as [GHSA-428q-q3vv-3fq3](https://github.com/api-platform/core/security/advisories/GHSA-428q-q3vv-3fq3) / CVE-2025-31485, which fixed only the GraphQL `ItemNormalizer`. The JSON:API and HAL paths were not addressed at the time.\n\n### Exploitation conditions\n\nExploitation requires all of the following to coincide:\n\n- The application exposes a resource via the JSON:API and/or HAL formats.\n- At least one property of that resource uses `#[ApiProperty(security: ...)]` with a predicate whose result depends on the current user (or on per-request state).\n- A request from a user for whom the predicate evaluates to `true` populates `componentsCache` before a request from a user for whom the predicate evaluates to `false`, within the lifetime of the same PHP process.\n- The deployment uses a long-running PHP runtime that keeps the normalizer instance alive across requests (FrankenPHP worker mode, RoadRunner, Swoole, ReactPHP, etc.). With classic `php-fpm` workers the cache only survives the duration of a single request, which makes the issue much harder to observe in practice.\n\n### Patches\n\n- 4.1.29\n- 4.2.25\n- 4.3.8\n\nAll three branches receive patched releases of `api-platform/core`, `api-platform/json-api`, and `api-platform/hal`.\n\n### Workarounds\n\nOverride the JSON:API and HAL `ItemNormalizer` services to gate `$context[\u0027cache_key\u0027]` with a resource-class security check, or avoid `#[ApiProperty(security: ...)]` on resources served as JSON:API or HAL until the patch is applied. Pinning the deployment to classic `php-fpm` workers also limits exposure since the cache does not survive across requests.\n\n### Credits\n\n- Tillmann Baumgart (@tillmon) \u2014 originally identified the broader cache-key gap and proposed moving `isCacheKeySafe` to `AbstractItemNormalizer`.\n- Antoine Bluchet (@soyuka) \u2014 extended the gate to JSON:API and HAL normalizers.",
  "id": "GHSA-pjhx-3c3w-9v23",
  "modified": "2026-07-10T14:32:01Z",
  "published": "2026-07-10T14:32:01Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/api-platform/core/security/advisories/GHSA-pjhx-3c3w-9v23"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49858"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/api-platform/core"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "API Platform Core vulnerable to cross-user attribute leak in JSON:API and HAL item normalizers due to missing isCacheKeySafe gate"
}

GHSA-PJQG-Q843-GM7C

Vulnerability from github – Published: 2023-12-12 09:30 – Updated: 2023-12-12 09:30
VLAI
Details

Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a post if they know the post ID

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46701"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-12T09:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Mattermost fails to perform authorization checks in the  /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a post if they know the post ID\n\n",
  "id": "GHSA-pjqg-q843-gm7c",
  "modified": "2023-12-12T09:30:33Z",
  "published": "2023-12-12T09:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46701"
    },
    {
      "type": "WEB",
      "url": "https://mattermost.com/security-updates"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJVX-RX66-R3FG

Vulnerability from github – Published: 2026-03-09 19:54 – Updated: 2026-03-09 19:54
VLAI
Summary
OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping
Details

Summary

/allowlist ... --store resolved the selected channel accountId for reads, but store writes still dropped that accountId and wrote into the legacy unscoped pairing allowlist store.

Because default-account reads still merge legacy unscoped entries, a store entry intended for one account could silently authorize the same sender on the default account.

This is a real cross-account sender-authorization scoping bug. Severity is set to medium because exploitation requires an already-authorized user who can run /allowlist edits.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published version checked: 2026.3.2
  • Affected versions: <= 2026.3.2
  • Fixed on main: March 7, 2026 in 70da80bcb5574a10925469048d2ebb2abf882e73
  • Patched release: 2026.3.7

Details

The affected path was: - src/auto-reply/reply/commands-allowlist.ts:386-393 resolved accountId and read store state with it - src/auto-reply/reply/commands-allowlist.ts:697-702 and src/auto-reply/reply/commands-allowlist.ts:730-733 wrote store state without passing accountId - src/pairing/pairing-store.ts:231-234 and src/pairing/pairing-store.ts:534-554 still merged legacy unscoped allowlist entries into the default account

The fix scopes /allowlist ... --store writes to the resolved account and clears legacy default-account store entries on removal so legacy reads no longer create cross-account authorization bleed-through.

Impact

  • Vulnerability class: improper authorization scoping / incorrect authorization
  • Exploitation requires: an already-authorized sender who can run /allowlist edits
  • Security effect: unintended authorization expansion from one channel account into default

Fix Commit(s)

  • 70da80bcb5574a10925469048d2ebb2abf882e73 — scope /allowlist ... --store writes by account and clean up legacy default-account removals

Release Process Note

npm 2026.3.7 was published on March 8, 2026. This advisory is fixed in the released package.

Thanks @tdjackey for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.2"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-639",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-09T19:54:08Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\n`/allowlist ... --store` resolved the selected channel `accountId` for reads, but store writes still dropped that `accountId` and wrote into the legacy unscoped pairing allowlist store.\n\nBecause default-account reads still merge legacy unscoped entries, a store entry intended for one account could silently authorize the same sender on the `default` account.\n\nThis is a real cross-account sender-authorization scoping bug. Severity is set to **medium** because exploitation requires an already-authorized user who can run `/allowlist` edits.\n\n### Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published version checked: `2026.3.2`\n- Affected versions: `\u003c= 2026.3.2`\n- Fixed on `main`: March 7, 2026 in `70da80bcb5574a10925469048d2ebb2abf882e73`\n- Patched release: `2026.3.7`\n\n### Details\nThe affected path was:\n- `src/auto-reply/reply/commands-allowlist.ts:386-393` resolved `accountId` and read store state with it\n- `src/auto-reply/reply/commands-allowlist.ts:697-702` and `src/auto-reply/reply/commands-allowlist.ts:730-733` wrote store state without passing `accountId`\n- `src/pairing/pairing-store.ts:231-234` and `src/pairing/pairing-store.ts:534-554` still merged legacy unscoped allowlist entries into the `default` account\n\nThe fix scopes `/allowlist ... --store` writes to the resolved account and clears legacy default-account store entries on removal so legacy reads no longer create cross-account authorization bleed-through.\n\n### Impact\n- Vulnerability class: improper authorization scoping / incorrect authorization\n- Exploitation requires: an already-authorized sender who can run `/allowlist` edits\n- Security effect: unintended authorization expansion from one channel account into `default`\n\n### Fix Commit(s)\n- `70da80bcb5574a10925469048d2ebb2abf882e73` \u2014 scope `/allowlist ... --store` writes by account and clean up legacy default-account removals\n\n### Release Process Note\nnpm `2026.3.7` was published on March 8, 2026. This advisory is fixed in the released package.\n\nThanks @tdjackey for reporting.",
  "id": "GHSA-pjvx-rx66-r3fg",
  "modified": "2026-03-09T19:54:08Z",
  "published": "2026-03-09T19:54:08Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pjvx-rx66-r3fg"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/70da80bcb5574a10925469048d2ebb2abf882e73"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping"
}

GHSA-PJXF-5F7V-2QF7

Vulnerability from github – Published: 2026-05-02 12:31 – Updated: 2026-05-02 12:31
VLAI
Details

School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify a specific parameter to read and modify other users' data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-7491"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-02T10:16:19Z",
    "severity": "HIGH"
  },
  "details": "School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify a specific parameter to read and modify other users\u0027 data.",
  "id": "GHSA-pjxf-5f7v-2qf7",
  "modified": "2026-05-02T12:31:21Z",
  "published": "2026-05-02T12:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7491"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/en/cp-139-10897-64257-2.html"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-10896-e3240-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PM23-3PX3-QRH7

Vulnerability from github – Published: 2024-08-26 00:30 – Updated: 2024-09-12 21:32
VLAI
Details

A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user.

This is due to lib9p not properly verifying that the uname given in the Tauth and Tattach 9p messages matches the client UID returned from the factotum authentication handshake.

The only filesystem making use of these functions within the base 9front systems is the experimental hjfs disk filesystem, other disk filesystems (cwfs and gefs) are not affected by this bug.

This bug was inherited from Plan 9 and is present in all versions of 9front and is remedied fully in commit 9645ae07eb66a59015e3e118d0024790c37400da.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8158"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-25T22:15:05Z",
    "severity": "HIGH"
  },
  "details": "A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user.\n\nThis is due to lib9p not properly verifying that the uname given in the Tauth and Tattach 9p messages matches the client UID returned from the factotum authentication handshake.\n\n\nThe only filesystem making use of these functions within the base 9front systems is the experimental hjfs disk filesystem, other disk filesystems (cwfs and gefs) are not affected by this bug.\n\nThis bug was inherited from Plan 9 and is present in all versions of 9front and is remedied fully in commit 9645ae07eb66a59015e3e118d0024790c37400da.",
  "id": "GHSA-pm23-3px3-qrh7",
  "modified": "2024-09-12T21:32:00Z",
  "published": "2024-08-26T00:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8158"
    },
    {
      "type": "WEB",
      "url": "https://git.9front.org/plan9front/plan9front/07aa9bfeef55ca987d411115adcfbbd4390ecf34/commit.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:C/RE:L/U:Red",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PM47-FVG6-H3R6

Vulnerability from github – Published: 2025-08-07 21:31 – Updated: 2025-08-07 21:31
VLAI
Details

An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-51533"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-07T19:15:28Z",
    "severity": "MODERATE"
  },
  "details": "An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request.",
  "id": "GHSA-pm47-fvg6-h3r6",
  "modified": "2025-08-07T21:31:08Z",
  "published": "2025-08-07T21:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-51533"
    },
    {
      "type": "WEB",
      "url": "https://www.sec4you-pentest.com/schwachstelle/sage-dpw-vorhersehbare-url-ids-ermoeglichen-unautorisierten-zugriff-auf-interne-formulare"
    },
    {
      "type": "WEB",
      "url": "https://www.sec4you-pentest.com/schwachstellen"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

For each and every data access, ensure that the user has sufficient privilege to access the record that is being requested.

Mitigation
Architecture and Design Implementation

Make sure that the key that is used in the lookup of a specific user's record is not controllable externally by the user or that any tampering can be detected.

Mitigation
Architecture and Design

Use encryption in order to make it more difficult to guess other legitimate values of the key or associate a digital signature with the key so that the server can verify that there has been no tampering.

No CAPEC attack patterns related to this CWE.