CWE-639
AllowedAuthorization Bypass Through User-Controlled Key
Abstraction: Base · Status: Incomplete
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
3258 vulnerabilities reference this CWE, most recent first.
GHSA-PJ5G-V5V3-3C22
Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2025-01-31 12:33In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the necessary permissions or being assigned to the project. This issue allows for unauthorized modification of project names, potentially leading to confusion or unauthorized access to project resources.
{
"affected": [],
"aliases": [
"CVE-2024-4154"
],
"database_specific": {
"cwe_ids": [
"CWE-639",
"CWE-821"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T18:15:09Z",
"severity": "HIGH"
},
"details": "In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project\u0027s endpoint with a new name for a project, despite not having the necessary permissions or being assigned to the project. This issue allows for unauthorized modification of project names, potentially leading to confusion or unauthorized access to project resources.",
"id": "GHSA-pj5g-v5v3-3c22",
"modified": "2025-01-31T12:33:01Z",
"published": "2024-05-21T18:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4154"
},
{
"type": "WEB",
"url": "https://github.com/lunary-ai/lunary/commit/c43b6c62035f32ca455f66d5fd22ba661648cde7"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/e56509af-f7af-4e1e-a04b-9cb53545f30f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PJ87-HX3M-256X
Vulnerability from github – Published: 2025-01-11 09:30 – Updated: 2025-01-11 09:30The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.
{
"affected": [],
"aliases": [
"CVE-2024-11915"
],
"database_specific": {
"cwe_ids": [
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-11T08:15:24Z",
"severity": "MODERATE"
},
"details": "The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.",
"id": "GHSA-pj87-hx3m-256x",
"modified": "2025-01-11T09:30:30Z",
"published": "2025-01-11T09:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11915"
},
{
"type": "WEB",
"url": "https://wordpress.org/plugins/rrdevs-for-elementor"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f7e300f-06b5-4f59-9deb-9771bf86a204?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PJFR-44XR-RRW5
Vulnerability from github – Published: 2026-07-01 06:31 – Updated: 2026-07-01 06:31The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the Optimize_Rest_Controller's create_item(), get_item(), delete_item(), and bulk_delete_items() endpoints — authorization is checked via current_user_can('edit_post'/'delete_post', $post_id) against the user-supplied post_id, while the storage layer keys analysis records on sha256($post_path) from a separately supplied, attacker-controlled post_path parameter, with no enforcement that post_path corresponds to post_id. This makes it possible for authenticated attackers, with Contributor-level access and above, to read or delete optimizer analysis records belonging to posts owned by other users by submitting their own post_id (which passes the capability check) together with the victim post's path.
{
"affected": [],
"aliases": [
"CVE-2026-12904"
],
"database_specific": {
"cwe_ids": [
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-01T05:16:17Z",
"severity": "MODERATE"
},
"details": "The Kadence Blocks \u2013 Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the Optimize_Rest_Controller\u0027s create_item(), get_item(), delete_item(), and bulk_delete_items() endpoints \u2014 authorization is checked via current_user_can(\u0027edit_post\u0027/\u0027delete_post\u0027, $post_id) against the user-supplied post_id, while the storage layer keys analysis records on sha256($post_path) from a separately supplied, attacker-controlled post_path parameter, with no enforcement that post_path corresponds to post_id. This makes it possible for authenticated attackers, with Contributor-level access and above, to read or delete optimizer analysis records belonging to posts owned by other users by submitting their own post_id (which passes the capability check) together with the victim post\u0027s path.",
"id": "GHSA-pjfr-44xr-rrw5",
"modified": "2026-07-01T06:31:34Z",
"published": "2026-07-01T06:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12904"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Path/Path.php#L60"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L153"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L197"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L232"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L339"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L383"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L420"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L458"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.7/includes/resources/Optimizer/Store/Table_Store.php#L96"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Path/Path.php#L60"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L153"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L197"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L232"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L339"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L383"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L420"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Rest/Optimize_Rest_Controller.php#L458"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.7.6/includes/resources/Optimizer/Store/Table_Store.php#L96"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3590217%40kadence-blocks\u0026new=3590217%40kadence-blocks\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24cdd50f-742c-457c-85f7-9cccaf366e87?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PJH7-RCCM-X9QH
Vulnerability from github – Published: 2024-12-19 00:37 – Updated: 2024-12-26 21:30An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.
{
"affected": [],
"aliases": [
"CVE-2024-55506"
],
"database_specific": {
"cwe_ids": [
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-18T23:15:17Z",
"severity": "HIGH"
},
"details": "An IDOR vulnerability in CodeAstro\u0027s Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.",
"id": "GHSA-pjh7-rccm-x9qh",
"modified": "2024-12-26T21:30:36Z",
"published": "2024-12-19T00:37:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55506"
},
{
"type": "WEB",
"url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55506.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PJHX-3C3W-9V23
Vulnerability from github – Published: 2026-07-10 14:32 – Updated: 2026-07-10 14:32Impact
#[ApiProperty(security: ...)] is evaluated per request to decide whether a property is exposed. The componentsCache arrays in ApiPlatform\JsonApi\Serializer\ItemNormalizer and ApiPlatform\Hal\Serializer\ItemNormalizer are keyed on $context['cache_key'], which is set unconditionally before delegating to the parent normalizer. The component structure (attributes, relationships, links) computed for one request can therefore be reused for a subsequent request whose user has a different set of accessible properties. A user with lower privileges may end up seeing the structure of properties that the security predicate would otherwise have hidden for them.
This is the same vulnerability class as GHSA-428q-q3vv-3fq3 / CVE-2025-31485, which fixed only the GraphQL ItemNormalizer. The JSON:API and HAL paths were not addressed at the time.
Exploitation conditions
Exploitation requires all of the following to coincide:
- The application exposes a resource via the JSON:API and/or HAL formats.
- At least one property of that resource uses
#[ApiProperty(security: ...)]with a predicate whose result depends on the current user (or on per-request state). - A request from a user for whom the predicate evaluates to
truepopulatescomponentsCachebefore a request from a user for whom the predicate evaluates tofalse, within the lifetime of the same PHP process. - The deployment uses a long-running PHP runtime that keeps the normalizer instance alive across requests (FrankenPHP worker mode, RoadRunner, Swoole, ReactPHP, etc.). With classic
php-fpmworkers the cache only survives the duration of a single request, which makes the issue much harder to observe in practice.
Patches
- 4.1.29
- 4.2.25
- 4.3.8
All three branches receive patched releases of api-platform/core, api-platform/json-api, and api-platform/hal.
Workarounds
Override the JSON:API and HAL ItemNormalizer services to gate $context['cache_key'] with a resource-class security check, or avoid #[ApiProperty(security: ...)] on resources served as JSON:API or HAL until the patch is applied. Pinning the deployment to classic php-fpm workers also limits exposure since the cache does not survive across requests.
Credits
- Tillmann Baumgart (@tillmon) — originally identified the broader cache-key gap and proposed moving
isCacheKeySafetoAbstractItemNormalizer. - Antoine Bluchet (@soyuka) — extended the gate to JSON:API and HAL normalizers.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/core"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "4.1.29"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/core"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0"
},
{
"fixed": "4.2.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/core"
},
"ranges": [
{
"events": [
{
"introduced": "4.3.0"
},
{
"fixed": "4.3.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/json-api"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.29"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/json-api"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0"
},
{
"fixed": "4.2.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/json-api"
},
"ranges": [
{
"events": [
{
"introduced": "4.3.0"
},
{
"fixed": "4.3.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/hal"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.29"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/hal"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0"
},
{
"fixed": "4.2.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "api-platform/hal"
},
"ranges": [
{
"events": [
{
"introduced": "4.3.0"
},
{
"fixed": "4.3.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-49858"
],
"database_specific": {
"cwe_ids": [
"CWE-524",
"CWE-639"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-10T14:32:01Z",
"nvd_published_at": "2026-07-01T20:17:10Z",
"severity": "MODERATE"
},
"details": "### Impact\n\n`#[ApiProperty(security: ...)]` is evaluated per request to decide whether a property is exposed. The `componentsCache` arrays in `ApiPlatform\\JsonApi\\Serializer\\ItemNormalizer` and `ApiPlatform\\Hal\\Serializer\\ItemNormalizer` are keyed on `$context[\u0027cache_key\u0027]`, which is set unconditionally before delegating to the parent normalizer. The component structure (attributes, relationships, links) computed for one request can therefore be reused for a subsequent request whose user has a different set of accessible properties. A user with lower privileges may end up seeing the structure of properties that the security predicate would otherwise have hidden for them.\n\nThis is the same vulnerability class as [GHSA-428q-q3vv-3fq3](https://github.com/api-platform/core/security/advisories/GHSA-428q-q3vv-3fq3) / CVE-2025-31485, which fixed only the GraphQL `ItemNormalizer`. The JSON:API and HAL paths were not addressed at the time.\n\n### Exploitation conditions\n\nExploitation requires all of the following to coincide:\n\n- The application exposes a resource via the JSON:API and/or HAL formats.\n- At least one property of that resource uses `#[ApiProperty(security: ...)]` with a predicate whose result depends on the current user (or on per-request state).\n- A request from a user for whom the predicate evaluates to `true` populates `componentsCache` before a request from a user for whom the predicate evaluates to `false`, within the lifetime of the same PHP process.\n- The deployment uses a long-running PHP runtime that keeps the normalizer instance alive across requests (FrankenPHP worker mode, RoadRunner, Swoole, ReactPHP, etc.). With classic `php-fpm` workers the cache only survives the duration of a single request, which makes the issue much harder to observe in practice.\n\n### Patches\n\n- 4.1.29\n- 4.2.25\n- 4.3.8\n\nAll three branches receive patched releases of `api-platform/core`, `api-platform/json-api`, and `api-platform/hal`.\n\n### Workarounds\n\nOverride the JSON:API and HAL `ItemNormalizer` services to gate `$context[\u0027cache_key\u0027]` with a resource-class security check, or avoid `#[ApiProperty(security: ...)]` on resources served as JSON:API or HAL until the patch is applied. Pinning the deployment to classic `php-fpm` workers also limits exposure since the cache does not survive across requests.\n\n### Credits\n\n- Tillmann Baumgart (@tillmon) \u2014 originally identified the broader cache-key gap and proposed moving `isCacheKeySafe` to `AbstractItemNormalizer`.\n- Antoine Bluchet (@soyuka) \u2014 extended the gate to JSON:API and HAL normalizers.",
"id": "GHSA-pjhx-3c3w-9v23",
"modified": "2026-07-10T14:32:01Z",
"published": "2026-07-10T14:32:01Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/api-platform/core/security/advisories/GHSA-pjhx-3c3w-9v23"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49858"
},
{
"type": "PACKAGE",
"url": "https://github.com/api-platform/core"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "API Platform Core vulnerable to cross-user attribute leak in JSON:API and HAL item normalizers due to missing isCacheKeySafe gate"
}
GHSA-PJQG-Q843-GM7C
Vulnerability from github – Published: 2023-12-12 09:30 – Updated: 2023-12-12 09:30Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a post if they know the post ID
{
"affected": [],
"aliases": [
"CVE-2023-46701"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-12T09:15:08Z",
"severity": "MODERATE"
},
"details": "Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a post if they know the post ID\n\n",
"id": "GHSA-pjqg-q843-gm7c",
"modified": "2023-12-12T09:30:33Z",
"published": "2023-12-12T09:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46701"
},
{
"type": "WEB",
"url": "https://mattermost.com/security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PJVX-RX66-R3FG
Vulnerability from github – Published: 2026-03-09 19:54 – Updated: 2026-03-09 19:54Summary
/allowlist ... --store resolved the selected channel accountId for reads, but store writes still dropped that accountId and wrote into the legacy unscoped pairing allowlist store.
Because default-account reads still merge legacy unscoped entries, a store entry intended for one account could silently authorize the same sender on the default account.
This is a real cross-account sender-authorization scoping bug. Severity is set to medium because exploitation requires an already-authorized user who can run /allowlist edits.
Affected Packages / Versions
- Package:
openclaw(npm) - Latest published version checked:
2026.3.2 - Affected versions:
<= 2026.3.2 - Fixed on
main: March 7, 2026 in70da80bcb5574a10925469048d2ebb2abf882e73 - Patched release:
2026.3.7
Details
The affected path was:
- src/auto-reply/reply/commands-allowlist.ts:386-393 resolved accountId and read store state with it
- src/auto-reply/reply/commands-allowlist.ts:697-702 and src/auto-reply/reply/commands-allowlist.ts:730-733 wrote store state without passing accountId
- src/pairing/pairing-store.ts:231-234 and src/pairing/pairing-store.ts:534-554 still merged legacy unscoped allowlist entries into the default account
The fix scopes /allowlist ... --store writes to the resolved account and clears legacy default-account store entries on removal so legacy reads no longer create cross-account authorization bleed-through.
Impact
- Vulnerability class: improper authorization scoping / incorrect authorization
- Exploitation requires: an already-authorized sender who can run
/allowlistedits - Security effect: unintended authorization expansion from one channel account into
default
Fix Commit(s)
70da80bcb5574a10925469048d2ebb2abf882e73— scope/allowlist ... --storewrites by account and clean up legacy default-account removals
Release Process Note
npm 2026.3.7 was published on March 8, 2026. This advisory is fixed in the released package.
Thanks @tdjackey for reporting.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2026.3.2"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.3.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-639",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-09T19:54:08Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Summary\n`/allowlist ... --store` resolved the selected channel `accountId` for reads, but store writes still dropped that `accountId` and wrote into the legacy unscoped pairing allowlist store.\n\nBecause default-account reads still merge legacy unscoped entries, a store entry intended for one account could silently authorize the same sender on the `default` account.\n\nThis is a real cross-account sender-authorization scoping bug. Severity is set to **medium** because exploitation requires an already-authorized user who can run `/allowlist` edits.\n\n### Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published version checked: `2026.3.2`\n- Affected versions: `\u003c= 2026.3.2`\n- Fixed on `main`: March 7, 2026 in `70da80bcb5574a10925469048d2ebb2abf882e73`\n- Patched release: `2026.3.7`\n\n### Details\nThe affected path was:\n- `src/auto-reply/reply/commands-allowlist.ts:386-393` resolved `accountId` and read store state with it\n- `src/auto-reply/reply/commands-allowlist.ts:697-702` and `src/auto-reply/reply/commands-allowlist.ts:730-733` wrote store state without passing `accountId`\n- `src/pairing/pairing-store.ts:231-234` and `src/pairing/pairing-store.ts:534-554` still merged legacy unscoped allowlist entries into the `default` account\n\nThe fix scopes `/allowlist ... --store` writes to the resolved account and clears legacy default-account store entries on removal so legacy reads no longer create cross-account authorization bleed-through.\n\n### Impact\n- Vulnerability class: improper authorization scoping / incorrect authorization\n- Exploitation requires: an already-authorized sender who can run `/allowlist` edits\n- Security effect: unintended authorization expansion from one channel account into `default`\n\n### Fix Commit(s)\n- `70da80bcb5574a10925469048d2ebb2abf882e73` \u2014 scope `/allowlist ... --store` writes by account and clean up legacy default-account removals\n\n### Release Process Note\nnpm `2026.3.7` was published on March 8, 2026. This advisory is fixed in the released package.\n\nThanks @tdjackey for reporting.",
"id": "GHSA-pjvx-rx66-r3fg",
"modified": "2026-03-09T19:54:08Z",
"published": "2026-03-09T19:54:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pjvx-rx66-r3fg"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/70da80bcb5574a10925469048d2ebb2abf882e73"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "OpenClaw: Cross-account sender authorization expansion in `/allowlist ... --store` account scoping"
}
GHSA-PJXF-5F7V-2QF7
Vulnerability from github – Published: 2026-05-02 12:31 – Updated: 2026-05-02 12:31School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify a specific parameter to read and modify other users' data.
{
"affected": [],
"aliases": [
"CVE-2026-7491"
],
"database_specific": {
"cwe_ids": [
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-02T10:16:19Z",
"severity": "HIGH"
},
"details": "School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify a specific parameter to read and modify other users\u0027 data.",
"id": "GHSA-pjxf-5f7v-2qf7",
"modified": "2026-05-02T12:31:21Z",
"published": "2026-05-02T12:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7491"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/en/cp-139-10897-64257-2.html"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/tw/cp-132-10896-e3240-1.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PM23-3PX3-QRH7
Vulnerability from github – Published: 2024-08-26 00:30 – Updated: 2024-09-12 21:32A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user.
This is due to lib9p not properly verifying that the uname given in the Tauth and Tattach 9p messages matches the client UID returned from the factotum authentication handshake.
The only filesystem making use of these functions within the base 9front systems is the experimental hjfs disk filesystem, other disk filesystems (cwfs and gefs) are not affected by this bug.
This bug was inherited from Plan 9 and is present in all versions of 9front and is remedied fully in commit 9645ae07eb66a59015e3e118d0024790c37400da.
{
"affected": [],
"aliases": [
"CVE-2024-8158"
],
"database_specific": {
"cwe_ids": [
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-25T22:15:05Z",
"severity": "HIGH"
},
"details": "A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user.\n\nThis is due to lib9p not properly verifying that the uname given in the Tauth and Tattach 9p messages matches the client UID returned from the factotum authentication handshake.\n\n\nThe only filesystem making use of these functions within the base 9front systems is the experimental hjfs disk filesystem, other disk filesystems (cwfs and gefs) are not affected by this bug.\n\nThis bug was inherited from Plan 9 and is present in all versions of 9front and is remedied fully in commit 9645ae07eb66a59015e3e118d0024790c37400da.",
"id": "GHSA-pm23-3px3-qrh7",
"modified": "2024-09-12T21:32:00Z",
"published": "2024-08-26T00:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8158"
},
{
"type": "WEB",
"url": "https://git.9front.org/plan9front/plan9front/07aa9bfeef55ca987d411115adcfbbd4390ecf34/commit.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:C/RE:L/U:Red",
"type": "CVSS_V4"
}
]
}
GHSA-PM47-FVG6-H3R6
Vulnerability from github – Published: 2025-08-07 21:31 – Updated: 2025-08-07 21:31An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request.
{
"affected": [],
"aliases": [
"CVE-2025-51533"
],
"database_specific": {
"cwe_ids": [
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-07T19:15:28Z",
"severity": "MODERATE"
},
"details": "An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request.",
"id": "GHSA-pm47-fvg6-h3r6",
"modified": "2025-08-07T21:31:08Z",
"published": "2025-08-07T21:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-51533"
},
{
"type": "WEB",
"url": "https://www.sec4you-pentest.com/schwachstelle/sage-dpw-vorhersehbare-url-ids-ermoeglichen-unautorisierten-zugriff-auf-interne-formulare"
},
{
"type": "WEB",
"url": "https://www.sec4you-pentest.com/schwachstellen"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
For each and every data access, ensure that the user has sufficient privilege to access the record that is being requested.
Mitigation
Make sure that the key that is used in the lookup of a specific user's record is not controllable externally by the user or that any tampering can be detected.
Mitigation
Use encryption in order to make it more difficult to guess other legitimate values of the key or associate a digital signature with the key so that the server can verify that there has been no tampering.
No CAPEC attack patterns related to this CWE.