CVE-2026-32994 | Rocket.Chat up to 8.4.x Message Endpoint autotranslate.translateMessage access control

Inserito da Angelo Barbosa | Mag 19, 2026 | CVE

A vulnerability was found in Rocket.Chat up to 8.4.x. It has been rated as critical. Affected is an unknown function of the file /api/v1/autotranslate.translateMessage of the component Message Endpoint. Performing a manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2026-32994. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-32994 | Rocket.Chat up to 8.4.x Message Endpoint autotranslate.translateMessage access control

Post correlati

CVE-2021-47928 | opencartextensions Extension TMD Vendor System 3.0 product_id sql injection (Exploit 50493 / EDB-50493)

CVE-2026-42847 | MacWarrior clipbucket-v5 up to up to 5.5.3 Authenticated Admin Endpoint action_logs.php fetch_action_logs Type sql injection (GHSA-x33j-5cqg-vrrc)

CVE-2024-30568 | Netgear R6850 1.1.0.88 c4-IPAddr command injection

CVE-2025-26709 | ZTE F50 1.0.0B07 Web Module Interface information disclosure