CVE-2026-38533 | Snipe-IT 8.4.0 PUT /api/v1/users/ improper authentication

Inserito da Angelo Barbosa | Apr 14, 2026 | CVE

A vulnerability was found in Snipe-IT 8.4.0. It has been rated as critical. This vulnerability affects unknown code of the file /api/v1/users/ of the component PUT Handler. The manipulation leads to improper authentication.

This vulnerability is documented as CVE-2026-38533. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-38533 | Snipe-IT 8.4.0 PUT /api/v1/users/ improper authentication

Post correlati

CVE-2025-50538 | FlowiseAI Flowise up to 3.0.4 Chat Log cross site scripting (GHSA-964p-j4gg-mhwc)

CVE-2021-23282 | Eaton Intelligent Power Manager up to 1.69 cross site scripting

CVE-2026-5762 | Wikimedia Reportcident Extension 1.43.7/1.44.4/1.45.2 on MediaWiki allocation of resources

CVE-2024-0791 | WOLF Plugin up to 1.0.8.1 on WordPress authorization