CVE-2026-33132 | Zitadel up to 3.4.8/4.12.2 API V2 Endpoint authorization (GHSA-g2pf-ww5m-2r9m)

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability has been found in Zitadel up to 3.4.8/4.12.2 and classified as problematic. The affected element is an unknown function of the component API V2 Endpoint. The manipulation leads to incorrect authorization.

This vulnerability is documented as CVE-2026-33132. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-33132 | Zitadel up to 3.4.8/4.12.2 API V2 Endpoint authorization (GHSA-g2pf-ww5m-2r9m)

Post correlati

CVE-2024-10649 | wandb openui c945bb859979659add5f490a874140ad17c56a5d missing authentication

CVE-2024-48461 | TeslaLogger Admin Panel up to 1.59.5 New Journey cross site scripting

CVE-2025-60358 | Radare2 up to 5.9.8 _load_relocations memory leak

CVE-2024-13423 | silkalns Sparkling Plugin up to 2.4.9 on WordPress sparkling_activate_plugin authorization