CVE-2026-40300 | Zulip up to 11.x history message_edit_history_visibility_policy access control

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability described as critical has been identified in Zulip up to 11.x. Affected by this vulnerability is the function message_edit_history_visibility_policy of the file /api/v1/messages/{id}/history. Executing a manipulation can lead to improper access controls.

This vulnerability appears as CVE-2026-40300. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-40300 | Zulip up to 11.x history message_edit_history_visibility_policy access control

Post correlati

CVE-2024-7645 | SourceCodester Clinics Patient Management System 1.0 User Page users.php cross-site request forgery

CVE-2023-51014 | Totolink EX1800T 9.1.0cu.2112_B20220316 cstecgi.cgi setLanConfig lanSecDns Privilege Escalation

CVE-2024-6520 | FluentForm Plugin up to 5.1.19 on WordPress cross site scripting

CVE-2024-23341 | TuiTse-TsuSin prior 1.3.2 tuitse_html cross site scripting