CVE-2026-41649 | Outline up to 1.6.x API Endpoint shares.create authorization (GHSA-23jj-rp48-w7q7)

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability described as problematic has been identified in Outline up to 1.6.x. The impacted element is the function shares.create of the component API Endpoint. Such manipulation leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2026-41649. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-41649 | Outline up to 1.6.x API Endpoint shares.create authorization (GHSA-23jj-rp48-w7q7)

Post correlati

CVE-2024-3203 | c-blosc2 up to 2.13.2 ndlz8x8.c ndlz8_decompress heap-based overflow

CVE-2025-48865 | Fabio up to 1.6.5 Header data authenticity

CVE-2024-0172 | Dell PowerEdge Server BIOS/Precision Rack BIOS privileges management (dsa-2024-035)

CVE-2025-38250 | Linux Kernel up to 6.12.35/6.15.4/6.16-rc3 Bluetooth include/linux/skbuff.h vhci_flush use after free