CVE-2025-15602 | Grokability Snipe-IT up to 8.3.6 API dynamically-determined object attributes

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability was found in Grokability Snipe-IT up to 8.3.6. It has been declared as critical. Affected is an unknown function of the component API Handler. Such manipulation leads to dynamically-determined object attributes.

This vulnerability is uniquely identified as CVE-2025-15602. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2025-15602 | Grokability Snipe-IT up to 8.3.6 API dynamically-determined object attributes

Post correlati

CVE-2024-2814 | Tenda AC15 15.03.20_multi /goform/DhcpListClient fromDhcpListClient page stack-based overflow

CVE-2024-55633 | Apache Superset up to 4.0.x Postgres Analytic Database improper authorization

CVE-2024-27113 | Simple Online Planning SO Planning prior 1.52.02 Public View Setting information disclosure

CVE-2025-45475 | Maccms10 2025.1000.4047 Friend Link Management server-side request forgery