CVE-2026-11439 | theonedev up to 15.0.5 Parent Project /projects/ project.parentId improper authorization

Inserito da Angelo Barbosa | Giu 5, 2026 | CVE

A vulnerability was found in theonedev onedev up to 15.0.5. It has been declared as critical. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization.

This vulnerability was named CVE-2026-11439. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-11439 | theonedev up to 15.0.5 Parent Project /projects/ project.parentId improper authorization

Post correlati

CVE-2025-6698 | LabRedesCefetRJ WeGIA 3.4.0 Adicionar tipo adicionar_tipoSaida.php Insira o novo tipo cross site scripting

CVE-2024-33869 | Ghostscript path traversal

CVE-2024-30106 | HCL Connections 7.0/8.0 Request information disclosure (KB0116967)

CVE-2025-38275 | Linux Kernel prior 6.1.142/6.6.94/6.12.34/6.15.3/6.16-rc1 phy null pointer dereference