CVE-2026-35479 | InvenTree up to 1.2.6 improper authorization (GHSA-7c3q-vwcv-2vp7)

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability labeled as critical has been found in InvenTree up to 1.2.6. This issue affects some unknown processing. Such manipulation leads to improper authorization.

This vulnerability is uniquely identified as CVE-2026-35479. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-35479 | InvenTree up to 1.2.6 improper authorization (GHSA-7c3q-vwcv-2vp7)

Post correlati

CVE-2024-8535 | Citrix NetScaler ADC/NetScaler Gateway up to 29.71/37.206/55.33/55.320 Kerberos SSO Configuration access control (CTX691608)

CVE-2023-47707 | IBM Security Guardium Key Lifecycle Manager 4.3 Web UI cross site scripting (XFDB-271522)

CVE-2024-24486 | Silex DS-600 1.4.1 Setting access control

CVE-2025-49127 | kafbat kafka-ui 1.0.0 deserialization