CVE-2026-39957 | Lychee up to 7.5.3 listAll authorization (GHSA-4v4c-g2jv-4g25)

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Lychee up to 7.5.3. This issue affects the function SharingController::listAll. Such manipulation leads to incorrect authorization.

This vulnerability is traded as CVE-2026-39957. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2026-39957 | Lychee up to 7.5.3 listAll authorization (GHSA-4v4c-g2jv-4g25)

Post correlati

CVE-2024-38085 | Microsoft unknown vulnerability

CVE-2024-1028 | SourceCodester Facebook News Feed Like 1.0 Post Description cross site scripting

CVE-2023-49293 | vitejs vite up to 4.4.11/4.5.0/5.0.4 URL cross site scripting (GHSA-92r3-m2mg-pj97)

CVE-2025-21655 | Linux Kernel up to 6.1.124/6.6.71/6.12.9 eventfd io_eventfd_signal reference count