CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-4795 (GCVE-0-2026-4795)
Vulnerability from cvelistv5 – Published: 2026-05-26 01:42 – Updated: 2026-05-26 12:18- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://www.zyxel.com/global/en/support/security-… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Zyxel | GS1200-5v3 firmware |
Affected:
<= 1.00(ACPS.2)C0
|
|
| Zyxel | GS1200-8v3 firmware |
Affected:
<= 1.00(ACPT.2)C0
|
|
| Zyxel | GS1200-5HPv3 firmware |
Affected:
<= 1.00(ACPU.2)C0
|
|
| Zyxel | GS1200-8HPv3 firmware |
Affected:
<= 1.00(ACPV.2)C0
|
|
| Zyxel | GS1200-10v3 firmware |
Affected:
<= 1.00(ACPW.2)C0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4795",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T12:17:48.434391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T12:18:03.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GS1200-5v3 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.00(ACPS.2)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GS1200-8v3 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.00(ACPT.2)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GS1200-5HPv3 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.00(ACPU.2)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GS1200-8HPv3 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.00(ACPV.2)C0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GS1200-10v3 firmware",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.00(ACPW.2)C0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00(ACPS.2)C0,\u0026nbsp;GS1200-8v3 firmware versions through 1.00(ACPT.2)C0,\u0026nbsp; GS1200-5HPv3 firmware versions through 1.00(ACPU.2)C0, GS1200-8HPv3 firmware versions through 1.00(ACPV.2)C0, and GS1200-10v3 firmware versions through 1.00(ACPW.2)C0 could allow a LAN-based, unauthenticated attacker to read the system configuration from a log file via a crafted HTTP request."
}
],
"value": "A missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00(ACPS.2)C0,\u00a0GS1200-8v3 firmware versions through 1.00(ACPT.2)C0,\u00a0 GS1200-5HPv3 firmware versions through 1.00(ACPU.2)C0, GS1200-8HPv3 firmware versions through 1.00(ACPV.2)C0, and GS1200-10v3 firmware versions through 1.00(ACPW.2)C0 could allow a LAN-based, unauthenticated attacker to read the system configuration from a log file via a crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T01:42:37.914Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-missing-authorization-vulnerability-in-gs1200v3-series-switches-05-26-2026"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2026-4795",
"datePublished": "2026-05-26T01:42:37.914Z",
"dateReserved": "2026-03-25T02:49:26.644Z",
"dateUpdated": "2026-05-26T12:18:03.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4807 (GCVE-0-2026-4807)
Vulnerability from cvelistv5 – Published: 2026-05-07 02:27 – Updated: 2026-05-07 14:58- CWE-862 - Missing Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin |
Affected:
0 , ≤ 1.6.10.6
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-07T13:54:23.384604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T14:58:54.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin",
"vendor": "croixhaug",
"versions": [
{
"lessThanOrEqual": "1.6.10.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Athiwat Tiprasaharn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.6.10.6. This is due to a flawed authorization logic in the nonce_permissions_check() method combined with the public exposure of a site-wide reusable nonce. The plugin exposes a public_nonce value through the /wp-json/ssa/v1/embed-inner endpoint, which is accessible to unauthenticated users. The appointment deletion endpoint at /wp-json/ssa/v1/appointments/{id}/delete and /wp-json/ssa/v1/appointments/bulk use a permission check that accepts requests containing both an X-WP-Nonce header (with any arbitrary value) and an X-PUBLIC-Nonce header (with the valid public nonce). When the X-WP-Nonce validation fails, the function falls back to validating the X-PUBLIC-Nonce without properly rejecting the request. Since the public_nonce is exposed to all unauthenticated visitors and is site-wide (not user-specific or appointment-specific), attackers can obtain it and use it to view details of arbitrary appointments, including the public_edit_url, or delete arbitrary appointments by ID. This makes it possible for unauthenticated attackers to view, delete or modify any appointment in the system, disclosing sensitive appointment data, causing service disruption, and loss of booking records."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T02:27:12.208Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/436ab843-7729-4d57-9c9e-2ede2f101ddb?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.29/includes/lib/td-util/class-td-api-model.php#L361"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.29/includes/lib/td-util/class-td-api-model.php#L110"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.29/includes/class-appointment-model.php#L698"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.29/includes/class-shortcodes.php#L889"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.29/booking-app-new/iframe-inner.php#L444"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.29/includes/class-bootstrap.php#L151"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3511993/simply-schedule-appointments/trunk/includes"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-25T12:43:44.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-05-06T13:33:55.000Z",
"value": "Disclosed"
}
],
"title": "Appointment Booking Calendar \u003c= 1.6.10.6 - Unauthenticated Arbitrary Appointment View, Modification and Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-4807",
"datePublished": "2026-05-07T02:27:12.208Z",
"dateReserved": "2026-03-25T12:28:32.101Z",
"dateUpdated": "2026-05-07T14:58:54.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48119 (GCVE-0-2026-48119)
Vulnerability from cvelistv5 – Published: 2026-06-12 21:03 – Updated: 2026-06-15 19:27- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/nezhahq/nezha/security/advisor… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48119",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T17:05:16.195138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T19:27:29.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/nezhahq/nezha/security/advisories/GHSA-4g6j-g789-rghm"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nezha",
"vendor": "nezhahq",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.20.0, \u003c 2.0.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O\u0026M tool. From version 0.20.0 to before version 2.0.12, authenticated agents can forge service-monitor results for other users\u0027 services. This issue has been patched in version 2.0.12."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T21:03:17.672Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nezhahq/nezha/security/advisories/GHSA-4g6j-g789-rghm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nezhahq/nezha/security/advisories/GHSA-4g6j-g789-rghm"
}
],
"source": {
"advisory": "GHSA-4g6j-g789-rghm",
"discovery": "UNKNOWN"
},
"title": "Nezha Monitoring: Authenticated agents can forge service-monitor results for other users\u0027 services"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48119",
"datePublished": "2026-06-12T21:03:17.672Z",
"dateReserved": "2026-05-20T18:46:58.290Z",
"dateUpdated": "2026-06-15T19:27:29.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4812 (GCVE-0-2026-4812)
Vulnerability from cvelistv5 – Published: 2026-04-15 01:25 – Updated: 2026-04-15 16:01- CWE-862 - Missing Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| wpengine | Advanced Custom Fields (ACF®) |
Affected:
0 , ≤ 6.7.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4812",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T15:59:04.353708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T16:01:25.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Advanced Custom Fields (ACF\u00ae)",
"vendor": "wpengine",
"versions": [
{
"lessThanOrEqual": "6.7.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fernando Mecozzi"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disclosure in versions up to and including 6.7.0. This is due to AJAX field query endpoints accepting user-supplied filter parameters that override field-configured restrictions without proper authorization checks. This makes it possible for unauthenticated attackers with access to a frontend ACF form to enumerate and disclose information about draft/private posts, restricted post types, and other data that should be restricted by field configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T01:25:17.540Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51e3a976-a1a3-411a-b88c-f1cb2aa8d5eb?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-post_object.php#L155"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-post_object.php#L155"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-relationship.php#L180"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-relationship.php#L180"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-relationship.php#L171"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-relationship.php#L171"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-relationship.php#L187"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-relationship.php#L187"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-page_link.php#L144"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-page_link.php#L144"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-user.php#L435"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-user.php#L435"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-post_object.php#L92"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-post_object.php#L92"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/trunk/includes/fields/class-acf-field-relationship.php#L118"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-custom-fields/tags/6.7.0/includes/fields/class-acf-field-relationship.php#L118"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-14T12:58:08.000Z",
"value": "Disclosed"
}
],
"title": "Advanced Custom Fields (ACF\u00ae) \u003c= 6.7.0 - Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-4812",
"datePublished": "2026-04-15T01:25:17.540Z",
"dateReserved": "2026-03-25T13:02:36.082Z",
"dateUpdated": "2026-04-15T16:01:25.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48127 (GCVE-0-2026-48127)
Vulnerability from cvelistv5 – Published: 2026-07-10 21:23 – Updated: 2026-07-10 21:23- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/frappe/frappe/security/advisor… | x_refsource_CONFIRM |
| https://github.com/frappe/frappe/pull/39407 | x_refsource_MISC |
| https://github.com/frappe/frappe/pull/39550 | x_refsource_MISC |
| https://github.com/frappe/frappe/pull/39553 | x_refsource_MISC |
| https://github.com/frappe/frappe/commit/4bf27db10… | x_refsource_MISC |
| https://github.com/frappe/frappe/commit/b1c86042e… | x_refsource_MISC |
| https://github.com/frappe/frappe/commit/fee1af6d8… | x_refsource_MISC |
| https://github.com/frappe/frappe/releases/tag/v15.110.0 | x_refsource_MISC |
| https://github.com/frappe/frappe/releases/tag/v16.20.0 | x_refsource_MISC |
{
"containers": {
"cna": {
"affected": [
{
"product": "frappe",
"vendor": "frappe",
"versions": [
{
"status": "affected",
"version": "\u003c 15.110.0"
},
{
"status": "affected",
"version": "\u003e= 16.0.0-beta.1, \u003c 16.20.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Frappe is a full-stack web application framework. Prior to 16.20.0 and 15.110.0, users without write access could attach files to any doctype through file-handling API endpoints such as add_attachments. This issue is fixed in versions 16.20.0 and 15.110.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T21:23:37.101Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/frappe/frappe/security/advisories/GHSA-fwrv-4rw4-97fw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/frappe/frappe/security/advisories/GHSA-fwrv-4rw4-97fw"
},
{
"name": "https://github.com/frappe/frappe/pull/39407",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/pull/39407"
},
{
"name": "https://github.com/frappe/frappe/pull/39550",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/pull/39550"
},
{
"name": "https://github.com/frappe/frappe/pull/39553",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/pull/39553"
},
{
"name": "https://github.com/frappe/frappe/commit/4bf27db101c34bd542a760290fc0775efa5cd0e4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/commit/4bf27db101c34bd542a760290fc0775efa5cd0e4"
},
{
"name": "https://github.com/frappe/frappe/commit/b1c86042e6f85986f35365c80bb1d102ff1cd0e4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/commit/b1c86042e6f85986f35365c80bb1d102ff1cd0e4"
},
{
"name": "https://github.com/frappe/frappe/commit/fee1af6d89910f6b174fd094184060aeb641d07d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/commit/fee1af6d89910f6b174fd094184060aeb641d07d"
},
{
"name": "https://github.com/frappe/frappe/releases/tag/v15.110.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/releases/tag/v15.110.0"
},
{
"name": "https://github.com/frappe/frappe/releases/tag/v16.20.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/frappe/frappe/releases/tag/v16.20.0"
}
],
"source": {
"advisory": "GHSA-fwrv-4rw4-97fw",
"discovery": "UNKNOWN"
},
"title": "Frappe: Arbitrary Attachment Injection via add_attachments and upload_file"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48127",
"datePublished": "2026-07-10T21:23:37.101Z",
"dateReserved": "2026-05-20T18:46:58.292Z",
"dateUpdated": "2026-07-10T21:23:37.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48151 (GCVE-0-2026-48151)
Vulnerability from cvelistv5 – Published: 2026-05-27 16:57 – Updated: 2026-05-28 14:12- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/Budibase/budibase/security/adv… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48151",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T14:12:21.327312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T14:12:26.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Budibase/budibase/security/advisories/GHSA-qhv3-wjg8-6fx6"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "budibase",
"vendor": "Budibase",
"versions": [
{
"status": "affected",
"version": "\u003c 3.39.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a result, an unauthenticated caller can update the body schema for a known webhook and mutate the corresponding automation trigger output schema. This vulnerability is fixed in 3.39.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T16:57:36.447Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Budibase/budibase/security/advisories/GHSA-qhv3-wjg8-6fx6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Budibase/budibase/security/advisories/GHSA-qhv3-wjg8-6fx6"
}
],
"source": {
"advisory": "GHSA-qhv3-wjg8-6fx6",
"discovery": "UNKNOWN"
},
"title": "Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48151",
"datePublished": "2026-05-27T16:57:36.447Z",
"dateReserved": "2026-05-20T23:12:43.031Z",
"dateUpdated": "2026-05-28T14:12:26.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4818 (GCVE-0-2026-4818)
Vulnerability from cvelistv5 – Published: 2026-03-31 14:53 – Updated: 2026-03-31 17:23| Vendor | Product | Version | |
|---|---|---|---|
| floragunn | Search Guard FLX |
Affected:
3.0.0 , ≤ 4.0.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T17:23:12.638976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T17:23:23.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Search Guard FLX",
"vendor": "floragunn",
"versions": [
{
"lessThanOrEqual": "4.0.1",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2026-03-31T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams."
}
],
"value": "In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T14:53:19.875Z",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"url": "https://search-guard.com/cve-advisory/"
},
{
"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Some management operations on data streams are not properly restricted when user does not have the necessary privileges",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2026-4818",
"datePublished": "2026-03-31T14:53:19.875Z",
"dateReserved": "2026-03-25T13:44:35.684Z",
"dateUpdated": "2026-03-31T17:23:23.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4843 (GCVE-0-2026-4843)
Vulnerability from cvelistv5 – Published: 2026-05-21 19:29 – Updated: 2026-05-22 13:55- CWE-862 - Missing Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| mrdollar4444 | GSheet For Woo Importer |
Affected:
0 , ≤ 2.3.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4843",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T13:53:11.809484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T13:55:49.485Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GSheet For Woo Importer",
"vendor": "mrdollar4444",
"versions": [
{
"lessThanOrEqual": "2.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abhirup Konwar"
}
],
"descriptions": [
{
"lang": "en",
"value": "The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and including, 2.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin\u0027s Google Sheets API token and configuration options."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T19:29:12.127Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0d60991-0675-4efa-9427-380e6b59fe28?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/import-products-from-gsheet-for-woo-importer/tags/2.3.1/src/Actions/AdminSettingsAction.php#L391"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-02T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2026-03-29T06:11:09.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-05-21T06:40:29.000Z",
"value": "Disclosed"
}
],
"title": "GSheet For Woo Importer \u003c= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Reset"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-4843",
"datePublished": "2026-05-21T19:29:12.127Z",
"dateReserved": "2026-03-25T14:42:59.888Z",
"dateUpdated": "2026-05-22T13:55:49.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48492 (GCVE-0-2026-48492)
Vulnerability from cvelistv5 – Published: 2026-07-08 21:11 – Updated: 2026-07-09 14:17- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/grokability/snipe-it/security/… | x_refsource_CONFIRM |
| https://github.com/grokability/snipe-it/commit/4f… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| grokability | snipe-it |
Affected:
< 8.5.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-09T14:17:23.239977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T14:17:32.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "snipe-it",
"vendor": "grokability",
"versions": [
{
"status": "affected",
"version": "\u003c 8.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Snipe-IT is an IT asset/license management system. Prior to version 8.6.1, the GET /api/v1/{object}/selectlist API endpoint is missing an authorization check. Any user who can log into Snipe-IT - regardless of permissions - can retrieve a paginated list of all user accounts using only their web session cookie. No API token or elevated permissions are required. This exposes usernames, display names, employee numbers, and user IDs for every active account in the system if FMCS is not enabled, and within the company they belong to if FMCS is enabled. Version 8.6.1 contains a patch."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T21:11:19.698Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/grokability/snipe-it/security/advisories/GHSA-f3c5-6cw8-fg57",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/grokability/snipe-it/security/advisories/GHSA-f3c5-6cw8-fg57"
},
{
"name": "https://github.com/grokability/snipe-it/commit/4f943d4a7ab8e53f3d9e32770602d1118bab005f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/grokability/snipe-it/commit/4f943d4a7ab8e53f3d9e32770602d1118bab005f"
}
],
"source": {
"advisory": "GHSA-f3c5-6cw8-fg57",
"discovery": "UNKNOWN"
},
"title": "Snipe-IT\u0027s selectlist visibility is too permissive"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48492",
"datePublished": "2026-07-08T21:11:19.698Z",
"dateReserved": "2026-05-21T15:33:08.292Z",
"dateUpdated": "2026-07-09T14:17:32.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48500 (GCVE-0-2026-48500)
Vulnerability from cvelistv5 – Published: 2026-06-22 21:41 – Updated: 2026-06-23 13:52- CWE-862 - Missing Authorization
| URL | Tags |
|---|---|
| https://github.com/filamentphp/filament/security/… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| filamentphp | filament |
Affected:
>= 3.0.0, < 3.3.52
Affected: >= 5.0.0, < 5.6.5 Affected: >= 4.0.0, < 4.11.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T13:51:46.634712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T13:52:57.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "filament",
"vendor": "filamentphp",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.3.52"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.6.5"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.11.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.52, 4.11.5, and 5.6.5, any schema can contain a file upload form field, so Filament applies Livewire\u0027s WithFileUploads trait to the Livewire component the schema is embedded in. However, some schemas, such as the panel login form, do not require file uploads, and exposing unauthenticated temporary file uploads on these components is not an acceptable risk. On these components, an unauthenticated attacker could upload arbitrary files to the application\u0027s temporary storage, which could be abused to exhaust disk space or inflate storage costs. This vulnerability is fixed in 3.3.52, 4.11.5, and 5.6.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T21:41:17.776Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/filamentphp/filament/security/advisories/GHSA-44wp-g8f4-f4v5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/filamentphp/filament/security/advisories/GHSA-44wp-g8f4-f4v5"
}
],
"source": {
"advisory": "GHSA-44wp-g8f4-f4v5",
"discovery": "UNKNOWN"
},
"title": "Filament: Unauthenticated temporary file upload on auth pages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48500",
"datePublished": "2026-06-22T21:41:17.776Z",
"dateReserved": "2026-05-21T15:33:08.292Z",
"dateUpdated": "2026-06-23T13:52:57.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.