CWE-639
Authorization Bypass Through User-Controlled Key
Description
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,068)
page 45 of 54| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47716 | Low | 0.13 | 3.1 | 0.00 | May 26, 2026 | Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, In affected versions, the issue list view authorizes access through the project in the URL, but applies the requested bulk action to the submitted issue IDs without also requiring those issues to belong to that… | ||
| CVE-2026-47715 | Low | 0.13 | 3.1 | 0.00 | May 26, 2026 | Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink issue event pages accept a direct event identifier from the URL and, in affected versions, look up that event without also requiring it to belong to the issue in the URL. This is a project-boundary… | ||
| CVE-2026-39967 | Low | 0.13 | 3.1 | 0.00 | May 22, 2026 | TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the bot engine's the findResult query does not filter results by typebotId, allowing an authenticated user to load result data (user answers, variable values) from a different typebot by supplying a foreign… | ||
| CVE-2026-29071 | Low | 0.13 | 3.1 | 0.00 | Mar 27, 2026 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via `/api/v1/retrieval/query/collection`. Version 0.8.6 patches the issue. | ||
| CVE-2026-45155 | Low | 0.10 | 2.6 | 0.00 | Jun 1, 2026 | Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have… | ||
| CVE-2026-47068 | Low | 0.08 | — | 0.00 | May 20, 2026 | Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenix_storybook allows cross-session PubSub topic injection via a URL query parameter. 'Elixir.PhoenixStorybook.Story.ComponentIframeLive':handle_params/3 in lib/phoenix_storybook/live/story/compon… | ||
| CVE-2026-5199 | Low | 0.08 | — | 0.00 | Apr 1, 2026 | A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow ID(s) and, for signal operations, signal names.… | ||
| CVE-2026-47388 | low | 0.07 | — | 0.00 | Jun 5, 2026 | ### Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP `readAttachment` tool did not verify the file's ownership. ### Details The MCP… | ||
| CVE-2020-13700 | — | 0.07 | — | 0.13 | Jun 24, 2020 | An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as… | ||
| CVE-2026-47713 | Low | 0.06 | 2.0 | 0.00 | May 28, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user -> multi-user migration even when the device record… | ||
| CVE-2024-50633 | — | 0.01 | — | 0.01 | Jan 16, 2025 | A Broken Object Level Authorization (BOLA) vulnerability in Indico through 3.3.5 allows attackers to read information by sending a crafted POST request to the component /api/principals. NOTE: this is disputed by the Supplier because the product intentionally lets all users… | ||
| CVE-2026-54683 | 0.00 | — | — | Jun 18, 2026 | ## Summary A previous advisory (CVE-2026-49463 / GHSA-qpm9-h556-mwxm) reported that any logged-in user could download any document by its identifier, and stated this was fixed in 3.0.1. For the document-content part that fix was **incomplete**: documents remained downloadable… | |||
| CVE-2026-55670 | low | 0.00 | — | — | Jun 18, 2026 | ### Summary A flaw in the user lifecycle enforcement allowed deleted users to retain their original organization/tenant association. Recreating a deleted user under a distinct organization can cause the new user instance to be incorrectly provisioned within the original… | ||
| CVE-2026-54324 | 0.00 | — | 0.00 | Jun 17, 2026 | ### Summary A cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events. ### Impact The notification gateway's… | |||
| CVE-2026-54015 | 0.00 | — | 0.00 | Jun 17, 2026 | ## Summary Open WebUI's prompt version-history endpoints authorize the `prompt_id` in the URL but then act on caller-supplied history IDs without verifying that the history row belongs to that prompt (`history_entry.prompt_id == prompt.id`). Three operations are affected: -… | |||
| CVE-2026-54009 | 0.00 | — | 0.00 | Jun 17, 2026 | ## summary `POST /api/chat/completions` accepts an `image_url.url` value that, when it does NOT start with `http://`, `https://`, or `data:image/`, is interpreted as a file id and resolved against the global file table with no ownership check. An authenticated user can… | |||
| CVE-2026-54006 | 0.00 | — | 0.00 | Jun 17, 2026 | ### Summary `POST /api/v1/calendars/events/{event_id}/update` validates that the caller has **write** access to the calendar the event *currently* belongs to, but does not validate the **destination** `calendar_id` supplied in the request body. The model layer then persists the… | |||
| CVE-2026-48067 | 0.00 | — | 0.00 | Jun 11, 2026 | The `recordSelectOptionsQuery()` method may be used to scope the options available in the `Select` field for `AttachAction` and `AssociateAction`. However, the built-in validation rule for these fields did not apply the same scope. As a result, a user who can trigger these… | |||
| CVE-2026-47378 | 0.00 | — | 0.00 | Jun 5, 2026 | ### Summary Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on hidden columns enabling boolean-blind extraction,… | |||
| CVE-2026-47408 | 0.00 | — | 0.00 | May 29, 2026 | ## Summary **Type:** Insecure Direct Object Reference. The `GET /workspaces/{workspace_id}/issues/{issue_id}/activity` endpoint is gated by `require_workspace_member(workspace_id)` and dispatches to `ActivityService.list_for_issue(issue_id)`, which executes `SELECT * FROM… |
- risk 0.13cvss 3.1epss 0.00
Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, In affected versions, the issue list view authorizes access through the project in the URL, but applies the requested bulk action to the submitted issue IDs without also requiring those issues to belong to that…
- risk 0.13cvss 3.1epss 0.00
Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink issue event pages accept a direct event identifier from the URL and, in affected versions, look up that event without also requiring it to belong to the issue in the URL. This is a project-boundary…
- risk 0.13cvss 3.1epss 0.00
TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the bot engine's the findResult query does not filter results by typebotId, allowing an authenticated user to load result data (user answers, variable values) from a different typebot by supplying a foreign…
- risk 0.13cvss 3.1epss 0.00
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via `/api/v1/retrieval/query/collection`. Version 0.8.6 patches the issue.
- risk 0.10cvss 2.6epss 0.00
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have…
- risk 0.08cvss —epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenix_storybook allows cross-session PubSub topic injection via a URL query parameter. 'Elixir.PhoenixStorybook.Story.ComponentIframeLive':handle_params/3 in lib/phoenix_storybook/live/story/compon…
- risk 0.08cvss —epss 0.00
A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow ID(s) and, for signal operations, signal names.…
- risk 0.07cvss —epss 0.00
### Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP `readAttachment` tool did not verify the file's ownership. ### Details The MCP…
- CVE-2020-13700Jun 24, 2020risk 0.07cvss —epss 0.13
An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as…
- risk 0.06cvss 2.0epss 0.00
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user -> multi-user migration even when the device record…
- CVE-2024-50633Jan 16, 2025risk 0.01cvss —epss 0.01
A Broken Object Level Authorization (BOLA) vulnerability in Indico through 3.3.5 allows attackers to read information by sending a crafted POST request to the component /api/principals. NOTE: this is disputed by the Supplier because the product intentionally lets all users…
- CVE-2026-54683Jun 18, 2026risk 0.00cvss —epss —
## Summary A previous advisory (CVE-2026-49463 / GHSA-qpm9-h556-mwxm) reported that any logged-in user could download any document by its identifier, and stated this was fixed in 3.0.1. For the document-content part that fix was **incomplete**: documents remained downloadable…
- risk 0.00cvss —epss —
### Summary A flaw in the user lifecycle enforcement allowed deleted users to retain their original organization/tenant association. Recreating a deleted user under a distinct organization can cause the new user instance to be incorrectly provisioned within the original…
- CVE-2026-54324Jun 17, 2026risk 0.00cvss —epss 0.00
### Summary A cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events. ### Impact The notification gateway's…
- CVE-2026-54015Jun 17, 2026risk 0.00cvss —epss 0.00
## Summary Open WebUI's prompt version-history endpoints authorize the `prompt_id` in the URL but then act on caller-supplied history IDs without verifying that the history row belongs to that prompt (`history_entry.prompt_id == prompt.id`). Three operations are affected: -…
- CVE-2026-54009Jun 17, 2026risk 0.00cvss —epss 0.00
## summary `POST /api/chat/completions` accepts an `image_url.url` value that, when it does NOT start with `http://`, `https://`, or `data:image/`, is interpreted as a file id and resolved against the global file table with no ownership check. An authenticated user can…
- CVE-2026-54006Jun 17, 2026risk 0.00cvss —epss 0.00
### Summary `POST /api/v1/calendars/events/{event_id}/update` validates that the caller has **write** access to the calendar the event *currently* belongs to, but does not validate the **destination** `calendar_id` supplied in the request body. The model layer then persists the…
- CVE-2026-48067Jun 11, 2026risk 0.00cvss —epss 0.00
The `recordSelectOptionsQuery()` method may be used to scope the options available in the `Select` field for `AttachAction` and `AssociateAction`. However, the built-in validation rule for these fields did not apply the same scope. As a result, a user who can trigger these…
- CVE-2026-47378Jun 5, 2026risk 0.00cvss —epss 0.00
### Summary Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on hidden columns enabling boolean-blind extraction,…
- CVE-2026-47408May 29, 2026risk 0.00cvss —epss 0.00
## Summary **Type:** Insecure Direct Object Reference. The `GET /workspaces/{workspace_id}/issues/{issue_id}/activity` endpoint is gated by `require_workspace_member(workspace_id)` and dispatches to `ActivityService.list_for_issue(issue_id)`, which executes `SELECT * FROM…