VYPR

Backstage\/plugin Catalog Backend Module Unprocessed

by Linux Foundation

CVEs (1)

  • CVE-2026-44374MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission authorization checks. Any authenticated user can access unprocessed entity…