CVE-2026-39957 | Lychee up to 7.5.3 listAll authorization (GHSA-4v4c-g2jv-4g25)

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Lychee up to 7.5.3. This issue affects the function SharingController::listAll. Such manipulation leads to incorrect authorization.

This vulnerability is traded as CVE-2026-39957. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2026-39957 | Lychee up to 7.5.3 listAll authorization (GHSA-4v4c-g2jv-4g25)

Post correlati

CVE-2024-8690 | Palo Alto Networks Cortex XDR Agent up to 7.9.102-CE on Windows Detection Mechanism expected behavior violation

CVE-2024-9724 | Trimble SketchUp Viewer SKP File Parser use after free (ZDI-24-1479)

CVE-2023-46383 | LOYTEC LINX Configurator 7.4.10 cleartext transmission

CVE-2024-10726 | mainichiweb Friendly Functions for Welcart Plugin up to 1.2.4 on WordPress Setting cross-site request forgery