CWE-863
Allowed-with-ReviewIncorrect Authorization
Abstraction: Class · Status: Incomplete
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
5504 vulnerabilities reference this CWE, most recent first.
CVE-2026-47777 (GCVE-0-2026-47777)
Vulnerability from cvelistv5 – Published: 2026-06-15 16:54 – Updated: 2026-06-15 18:51| URL | Tags |
|---|---|
| https://github.com/mastodon/mastodon/security/adv… | x_refsource_CONFIRM |
| https://github.com/mastodon/mastodon/commit/22203… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T18:51:19.680491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T18:51:29.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mastodon",
"vendor": "mastodon",
"versions": [
{
"status": "affected",
"version": "\u003e= nightly.2026-03-10, \u003c 4.6.0-beta.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote accounts consented to be featured in a remote Collection could lead to attackers bypassing the check and faking consent. An attacker could forge the FeatureAuthorization object that is used to verify consent to be featured in a Collection and thus make it appear as if an account is allowed to be in a Collection when it actually is not. While the FeatureAuthorization must reside on the same domain as the object it is for, a check is missing to make sure said object is actually the same as in the Collection item. This allows an attacker to forge the authorization. Mastodon servers are affected only if running the main branch or nightly builds who have opted into testing the experimental \"Collections\" feature by setting the environment variable EXPERIMENTAL_FEATURES to a value including collections. This has been patched in version 4.6.0-beta.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:54:44.612Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/mastodon/mastodon/security/advisories/GHSA-vg36-gxjg-2v46",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-vg36-gxjg-2v46"
},
{
"name": "https://github.com/mastodon/mastodon/commit/22203f8aeb03e8f14dc62e253e83db39825a5bcf",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mastodon/mastodon/commit/22203f8aeb03e8f14dc62e253e83db39825a5bcf"
}
],
"source": {
"advisory": "GHSA-vg36-gxjg-2v46",
"discovery": "UNKNOWN"
},
"title": "Mastodon has a consent-check bypass in its remote Collections"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47777",
"datePublished": "2026-06-15T16:54:44.612Z",
"dateReserved": "2026-05-19T22:36:16.883Z",
"dateUpdated": "2026-06-15T18:51:29.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47732 (GCVE-0-2026-47732)
Vulnerability from cvelistv5 – Published: 2026-07-14 21:12 – Updated: 2026-07-15 13:26- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://github.com/twigphp/Twig/security/advisori… | x_refsource_CONFIRM |
| https://github.com/twigphp/Twig/commit/447d0b2331… | x_refsource_MISC |
| https://github.com/twigphp/Twig/releases/tag/v3.26.0 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T13:20:12.888618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T13:26:33.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Twig",
"vendor": "twigphp",
"versions": [
{
"status": "affected",
"version": "\u003c 3.26.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Twig is a template language for PHP. Prior to 3.26.0, several Twig language constructs trigger PHP string coercion on a Stringable operand without consulting SecurityPolicy::checkMethodAllowed(), allowing a sandboxed template author to invoke __toString() on objects reachable in the render context through conditional expressions, comparison operators, tests, template-loading tags, dynamic attribute names, spread arguments, the do tag, and the .. range operator. This issue is fixed in version 3.26.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T21:12:13.071Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/twigphp/Twig/security/advisories/GHSA-pr2w-4gpj-cpq4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/twigphp/Twig/security/advisories/GHSA-pr2w-4gpj-cpq4"
},
{
"name": "https://github.com/twigphp/Twig/commit/447d0b2331e01b8fc6e08119ac984e1ef50caef9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twigphp/Twig/commit/447d0b2331e01b8fc6e08119ac984e1ef50caef9"
},
{
"name": "https://github.com/twigphp/Twig/releases/tag/v3.26.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twigphp/Twig/releases/tag/v3.26.0"
}
],
"source": {
"advisory": "GHSA-pr2w-4gpj-cpq4",
"discovery": "UNKNOWN"
},
"title": "Twig Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47732",
"datePublished": "2026-07-14T21:12:13.071Z",
"dateReserved": "2026-05-19T22:16:39.503Z",
"dateUpdated": "2026-07-15T13:26:33.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47339 (GCVE-0-2026-47339)
Vulnerability from cvelistv5 – Published: 2026-06-19 13:10 – Updated: 2026-06-22 16:18- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache APISIX |
Affected:
2.14.1 , ≤ 3.16.0
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-06-19T16:49:51.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/06/19/9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T16:18:19.243261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:18:30.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache APISIX",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.16.0",
"status": "affected",
"version": "2.14.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "leon"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIncorrect Authorization vulnerability in Apache APISIX.\u003c/p\u003eAn attacker can capitalise on authz-casdoor plugin under default configuration to authenticate themselves with credentials from a different source.\u003cbr\u003e\u003cp\u003eThis issue affects Apache APISIX: from 2.14.1 through 3.16.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 3.17.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Incorrect Authorization vulnerability in Apache APISIX.\n\nAn attacker can capitalise on authz-casdoor plugin under default configuration to authenticate themselves with credentials from a different source.\nThis issue affects Apache APISIX: from 2.14.1 through 3.16.0.\n\nUsers are recommended to upgrade to version 3.17.0, which fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-19T13:10:04.769Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lk4q5o855cocc7zq5wh1zlctfmcq6f76"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache APISIX: authz-casdoor incorrect session sharing",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2026-47339",
"datePublished": "2026-06-19T13:10:04.769Z",
"dateReserved": "2026-05-19T11:31:05.953Z",
"dateUpdated": "2026-06-22T16:18:30.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47303 (GCVE-0-2026-47303)
Vulnerability from cvelistv5 – Published: 2026-07-14 18:45 – Updated: 2026-07-15 22:22| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | .NET 10.0 |
Affected:
10.0.0 , < 10.0.6
(custom)
|
|
| Microsoft | .NET 8.0 |
Affected:
8.0.0 , < 8.0.29
(custom)
|
|
| Microsoft | .NET 9.0 |
Affected:
9.0.0 , < 9.0.18
(custom)
|
|
| Microsoft | Microsoft Visual Studio 2022 version 17.12 |
Affected:
17.12.0 , < 17.12.22
(custom)
|
|
| Microsoft | Microsoft Visual Studio 2022 version 17.14 |
Affected:
17.14.0 , < 17.14.36
(custom)
|
|
| Microsoft | Microsoft Visual Studio 2026 version 18.7 |
Affected:
18.0 , < 18.7.4
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T03:57:39.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": ".NET 10.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.6",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"product": ".NET 8.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.0.29",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"product": ".NET 9.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "9.0.18",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft Visual Studio 2022 version 17.12",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.12.22",
"status": "affected",
"version": "17.12.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft Visual Studio 2022 version 17.14",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.14.36",
"status": "affected",
"version": "17.14.0",
"versionType": "custom"
}
]
},
{
"product": "Microsoft Visual Studio 2026 version 18.7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "18.7.4",
"status": "affected",
"version": "18.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.6",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0.29",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.18",
"versionStartIncluding": "9.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.12.22",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.14.36",
"versionStartIncluding": "17.14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2026:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.7.4",
"versionStartIncluding": "18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-07-14T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-302",
"description": "CWE-302: Authentication Bypass by Assumed-Immutable Data",
"lang": "en-US",
"type": "CWE"
},
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en-US",
"type": "CWE"
},
{
"cweId": "CWE-90",
"description": "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T22:22:17.777Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ASP.NET Core Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47303"
}
],
"title": "ASP.NET Core Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-47303",
"datePublished": "2026-07-14T18:45:33.438Z",
"dateReserved": "2026-05-18T23:53:33.898Z",
"dateUpdated": "2026-07-15T22:22:17.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47238 (GCVE-0-2026-47238)
Vulnerability from cvelistv5 – Published: 2026-06-11 22:53 – Updated: 2026-06-13 02:47| URL | Tags |
|---|---|
| https://github.com/MacWarrior/clipbucket-v5/secur… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| MacWarrior | clipbucket-v5 |
Affected:
< 5.5.3 - #133
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47238",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-13T02:44:22.593344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-13T02:47:13.973Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-x468-whmw-c863"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "clipbucket-v5",
"vendor": "MacWarrior",
"versions": [
{
"status": "affected",
"version": "\u003c 5.5.3 - #133"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #133, a normal authenticated user can edit another user\u0027s video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - #133."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T22:53:17.675Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-x468-whmw-c863",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-x468-whmw-c863"
}
],
"source": {
"advisory": "GHSA-x468-whmw-c863",
"discovery": "UNKNOWN"
},
"title": "ClipBucket: IDOR in videos subtitle editor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47238",
"datePublished": "2026-06-11T22:53:17.675Z",
"dateReserved": "2026-05-18T22:54:18.272Z",
"dateUpdated": "2026-06-13T02:47:13.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47236 (GCVE-0-2026-47236)
Vulnerability from cvelistv5 – Published: 2026-06-12 18:11 – Updated: 2026-06-15 13:09- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://github.com/solidtime-io/solidtime/securit… | x_refsource_CONFIRM |
| https://github.com/solidtime-io/solidtime/release… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| solidtime-io | solidtime |
Affected:
< 0.12.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47236",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T13:09:45.966353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T13:09:55.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "solidtime",
"vendor": "solidtime-io",
"versions": [
{
"status": "affected",
"version": "\u003c 0.12.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Solidtime is an open-source time-tracking app. Prior to version 0.12.2, Solidtime defines an explicit invitations:view and members:view permissions that gates the official invitations and members API. The Jetstream web team page authorizes access with only belongsToTeam() and then loads and serializes all pending invitation emails as well as members into Inertia props. Any employee who belongs to the organization can read pending invitation email addresses and members through the serialised inertia data in the team page body even though the same user is forbidden from the API. This issue has been patched in version 0.12.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T18:11:31.930Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/solidtime-io/solidtime/security/advisories/GHSA-33xq-wf67-c7vh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/solidtime-io/solidtime/security/advisories/GHSA-33xq-wf67-c7vh"
},
{
"name": "https://github.com/solidtime-io/solidtime/releases/tag/v0.12.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/solidtime-io/solidtime/releases/tag/v0.12.2"
}
],
"source": {
"advisory": "GHSA-33xq-wf67-c7vh",
"discovery": "UNKNOWN"
},
"title": "Solidtime team page exposes pending invitation and member emails to employees who lack invitations:view/members:view permission"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47236",
"datePublished": "2026-06-12T18:11:31.930Z",
"dateReserved": "2026-05-18T22:54:18.271Z",
"dateUpdated": "2026-06-15T13:09:55.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47195 (GCVE-0-2026-47195)
Vulnerability from cvelistv5 – Published: 2026-06-12 11:52 – Updated: 2026-06-12 12:26- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://github.com/duck-organization/questbot/sec… | x_refsource_CONFIRM |
| https://github.com/duck-organization/questbot/rel… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| duck-organization | questbot |
Affected:
< 1.1.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T12:25:56.524743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T12:26:16.745Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/duck-organization/questbot/security/advisories/GHSA-2wf8-554w-hrj9"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "questbot",
"vendor": "duck-organization",
"versions": [
{
"status": "affected",
"version": "\u003c 1.1.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the purge and slowmode commands check only guild-level permissions on the invoking member. They do not check the member\u2019s effective permissions in the channel where the command is run. A user denied channel-level moderation permissions can still delete messages or change slowmode through the bot. This issue has been patched in version 1.1.6."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T11:52:01.245Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/duck-organization/questbot/security/advisories/GHSA-2wf8-554w-hrj9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/duck-organization/questbot/security/advisories/GHSA-2wf8-554w-hrj9"
},
{
"name": "https://github.com/duck-organization/questbot/releases/tag/questbot-v1.1.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/duck-organization/questbot/releases/tag/questbot-v1.1.6"
}
],
"source": {
"advisory": "GHSA-2wf8-554w-hrj9",
"discovery": "UNKNOWN"
},
"title": "Quest Bot: Per-channel permission overwrite bypass in purge and slowmode commands."
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47195",
"datePublished": "2026-06-12T11:52:01.245Z",
"dateReserved": "2026-05-18T22:07:37.435Z",
"dateUpdated": "2026-06-12T12:26:16.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47120 (GCVE-0-2026-47120)
Vulnerability from cvelistv5 – Published: 2026-06-12 21:02 – Updated: 2026-06-15 17:27| URL | Tags |
|---|---|
| https://github.com/nezhahq/nezha/security/advisor… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47120",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T17:27:42.695212Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T17:27:46.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/nezhahq/nezha/security/advisories/GHSA-rxf6-wjh4-jfj6"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nezha",
"vendor": "nezhahq",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.4.0, \u003c 2.0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O\u0026M tool. From version 1.4.0 to before version 2.0.8, a RoleMember can fire other users\u0027 cron tasks via AlertRule.FailTriggerTasks (no ownership check). This issue has been patched in version 2.0.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T21:02:50.499Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nezhahq/nezha/security/advisories/GHSA-rxf6-wjh4-jfj6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nezhahq/nezha/security/advisories/GHSA-rxf6-wjh4-jfj6"
}
],
"source": {
"advisory": "GHSA-rxf6-wjh4-jfj6",
"discovery": "UNKNOWN"
},
"title": "Nezha Monitoring: RoleMember can fire other users\u0027 cron tasks via AlertRule.FailTriggerTasks (no ownership check)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47120",
"datePublished": "2026-06-12T21:02:50.499Z",
"dateReserved": "2026-05-18T19:50:18.694Z",
"dateUpdated": "2026-06-15T17:27:46.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47102 (GCVE-0-2026-47102)
Vulnerability from cvelistv5 – Published: 2026-05-21 20:34 – Updated: 2026-07-15 00:49 X_Open Source| URL | Tags |
|---|---|
| https://www.obsidiansecurity.com/blog/litellm-pri… | technical-descriptionexploit |
| https://gist.github.com/13ph03nix/9ec616e1fdc77b3… | exploittechnical-description |
| https://huntr.com/bounties/8e75edfb-ff05-4e63-bfc… | third-party-advisoryexploit |
| https://github.com/BerriAI/litellm/releases/tag/v… | release-notes |
| https://github.com/BerriAI/litellm/pull/25541 | issue-tracking |
| https://github.com/BerriAI/litellm/commit/e6f18ce… | patch |
| https://github.com/BerriAI/litellm/commit/128d32d… | patch |
| https://www.vulncheck.com/advisories/litellm-priv… | third-party-advisory |
| https://access.redhat.com/security/cve/CVE-2026-47102 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2480634 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| Vendor | Product | Version | |
|---|---|---|---|
| BerriAI | litellm |
Affected:
0 , < 1.83.10
(semver)
|
|
| Red Hat | Exploit Intelligence |
cpe:/a:redhat:exploit_intelligence:0 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47102",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T03:55:45.020Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:exploit_intelligence:0"
],
"defaultStatus": "affected",
"packageName": "exploit-intelligence-tech-preview/vulnerability-analysis-rhel9",
"product": "Exploit Intelligence",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform-26/lightspeed-chatbot-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform-27/lightspeed-chatbot-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-llama-stack-core-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-mlflow-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-trustyai-garak-lls-provider-dsp-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-21T20:34:37.893Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in LiteLLM. A user with access to the `/user/update` endpoint can exploit a privilege escalation vulnerability. By modifying their own `user_role` to `proxy_admin`, an attacker can gain full administrative access to LiteLLM, including control over all users, teams, keys, models, and prompt history."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-915",
"description": "Improperly Controlled Modification of Dynamically-Determined Object Attributes",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T00:49:14.653Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-47102"
},
{
"name": "RHBZ#2480634",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480634"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-47102.json"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-21T21:00:51.047Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-21T20:34:37.893Z",
"value": "Made public."
}
],
"title": "litellm: LiteLLM: Privilege escalation through user role modification",
"workarounds": [
{
"lang": "en",
"value": "Update the litellm package to version 1.83.10 or later.\n\nUntil updated builds are available, restrict access to LiteLLM proxy /user/update and /user/bulk_update endpoints so only trusted administrators can modify user accounts. Audit user_role assignments for unexpected proxy_admin promotions."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageURL": "pkg:github/BerriAI/litellm",
"product": "litellm",
"repo": "https://github.com/BerriAI/litellm",
"vendor": "BerriAI",
"versions": [
{
"lessThan": "1.83.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fenix Qiao (aka 13ph03nix) from Obsidian Security"
}
],
"datePublic": "2026-04-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin, gaining full administrative access to LiteLLM including all users, teams, keys, models, and prompt history. Users with the org_admin role have legitimate access to this endpoint and can exploit this vulnerability without chaining any additional flaw."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T21:33:00.372Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.obsidiansecurity.com/blog/litellm-privilege-escalation-rce"
},
{
"tags": [
"exploit",
"technical-description"
],
"url": "https://gist.github.com/13ph03nix/9ec616e1fdc77b3673509c60206e827f"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://huntr.com/bounties/8e75edfb-ff05-4e63-bfca-2d93d03fb3b9"
},
{
"tags": [
"release-notes"
],
"url": "https://github.com/BerriAI/litellm/releases/tag/v1.83.10-stable"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/BerriAI/litellm/pull/25541"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BerriAI/litellm/commit/e6f18ce75b111c9b93dc15c72894cbdeb53177ce"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BerriAI/litellm/commit/128d32d2494b759c5d15da3452452af4c6a34c01"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/litellm-privilege-escalation-via-user-update"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "LiteLLM \u003c 1.83.10 Privilege Escalation via User Update",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-47102",
"datePublished": "2026-05-21T20:34:37.893Z",
"dateReserved": "2026-05-18T19:22:26.748Z",
"dateUpdated": "2026-07-15T00:49:14.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-47101 (GCVE-0-2026-47101)
Vulnerability from cvelistv5 – Published: 2026-05-21 20:33 – Updated: 2026-07-15 00:49 X_Open Source| URL | Tags |
|---|---|
| https://www.obsidiansecurity.com/blog/litellm-pri… | technical-descriptionexploit |
| https://gist.github.com/13ph03nix/9ec616e1fdc77b3… | exploittechnical-description |
| https://huntr.com/bounties/8e75edfb-ff05-4e63-bfc… | third-party-advisoryexploit |
| https://github.com/BerriAI/litellm/releases/tag/v… | release-notes |
| https://github.com/BerriAI/litellm/commit/d910a95… | patch |
| https://github.com/BerriAI/litellm/commit/2220f30… | patch |
| https://github.com/BerriAI/litellm/commit/5190bd0… | patch |
| https://www.vulncheck.com/advisories/litellm-priv… | third-party-advisory |
| https://access.redhat.com/security/cve/CVE-2026-47101 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2480635 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| Vendor | Product | Version | |
|---|---|---|---|
| BerriAI | litellm |
Affected:
0 , < 1.83.14
(semver)
|
|
| Red Hat | Exploit Intelligence |
cpe:/a:redhat:exploit_intelligence:0 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47101",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T03:55:46.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:exploit_intelligence:0"
],
"defaultStatus": "affected",
"packageName": "exploit-intelligence-tech-preview/vulnerability-analysis-rhel9",
"product": "Exploit Intelligence",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform-26/lightspeed-chatbot-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform-27/lightspeed-chatbot-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-llama-stack-core-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-mlflow-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-trustyai-garak-lls-provider-dsp-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-21T20:33:30.163Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in LiteLLM. An authenticated internal user can exploit this vulnerability by creating API keys that grant access to routes beyond their assigned role. This occurs because the system fails to verify if the specified allowed_routes for the API key align with the user\u0027s actual permissions. Consequently, a malicious internal user can achieve full privilege escalation, gaining administrative access (proxy_admin) and bypassing role-based access controls."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T00:49:17.105Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-47101"
},
{
"name": "RHBZ#2480635",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480635"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-47101.json"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-21T21:00:54.938Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-21T20:33:30.163Z",
"value": "Made public."
}
],
"title": "litellm: LiteLLM: Privilege escalation via API key generation with insufficient permission validation",
"workarounds": [
{
"lang": "en",
"value": "Update the litellm package to version 1.83.14 or later.\n\nUntil updated builds are available, restrict LiteLLM proxy deployments so only trusted administrators can access key-generation and management routes. Audit existing API keys for allowed_routes grants that exceed the creating user role, and rotate keys where unauthorized admin-route access is found."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageURL": "pkg:github/BerriAI/litellm",
"product": "litellm",
"repo": "https://github.com/BerriAI/litellm",
"vendor": "BerriAI",
"versions": [
{
"lessThan": "1.83.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fenix Qiao (aka 13ph03nix) from Obsidian Security"
}
],
"datePublic": "2026-04-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user\u0027s own permissions. A key created with access to admin-only routes can then be used to reach those routes successfully, bypassing the role-based access controls that would otherwise block the request, enabling full privilege escalation from internal_user to proxy_admin."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T21:32:59.692Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.obsidiansecurity.com/blog/litellm-privilege-escalation-rce"
},
{
"tags": [
"exploit",
"technical-description"
],
"url": "https://gist.github.com/13ph03nix/9ec616e1fdc77b3673509c60206e827f"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://huntr.com/bounties/8e75edfb-ff05-4e63-bfca-2d93d03fb3b9"
},
{
"tags": [
"release-notes"
],
"url": "https://github.com/BerriAI/litellm/releases/tag/v1.83.14-stable"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BerriAI/litellm/commit/d910a95661fce3cdd36f3b06c03ecf9c46c6457c"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BerriAI/litellm/commit/2220f3076ac89bd2a2e3439acf57dcfbec2434c9"
},
{
"tags": [
"patch"
],
"url": "https://github.com/BerriAI/litellm/commit/5190bd07eb23a037745d86328096f54378f1614a"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/litellm-privilege-escalation-via-api-key-generation"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "LiteLLM \u003c 1.83.14 Privilege Escalation via API Key Generation",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-47101",
"datePublished": "2026-05-21T20:33:30.163Z",
"dateReserved": "2026-05-18T19:22:26.748Z",
"dateUpdated": "2026-07-15T00:49:17.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
No CAPEC attack patterns related to this CWE.