Количество 2
Количество 2
CVE-2026-0650
OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.
GHSA-rwp9-5g7q-73q3
OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-0650 OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data. | 0% Низкий | около 1 месяца назад | |
| GHSA-rwp9-5g7q-73q3 OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware | 0% Низкий | около 1 месяца назад |
Уязвимостей на страницу