Moderate severityNVD Advisory· Published May 2, 2025· Updated May 5, 2025
CVE-2025-47226
CVE-2025-47226
Description
Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
snipe/snipe-itPackagist | < 8.1.0 | 8.1.0 |
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/advisories/GHSA-h3vp-qwmx-5j25ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-47226ghsaADVISORY
- github.com/grokability/snipe-it/compare/v8.0.4...v8.1.0ghsaWEB
- github.com/grokability/snipe-it/pull/16672ghsaWEB
- github.com/grokability/snipe-it/releases/tag/v8.1.0ghsaWEB
- github.com/koyomihack00/CVE-2025-47226/blob/main/PoC/idor-exploit.mdghsaWEB
News mentions
0No linked articles in our index yet.