VYPR

Nova Toggle 5

by Almirhodzic

Source repositories

CVEs (1)

  • CVE-2026-42202MedMay 8, 2026
    risk 0.35cvss 6.5epss 0.00

    nova-toggle-5 enables fliping booleans in the index. Prior to version 1.3.0, the toggle endpoint (POST/nova-vendor/nova-toggle/toggle/{resource}/{resourceId}) was protected only by web + auth: middleware. Any user authenticated on the configured guard could call the…