{"vulnerability": "cve-2026-47068", "sightings": [{"uuid": "a6d2da09-1781-4011-bd04-6fca7a761d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47068", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmc7sv2h5b2h", "content": "CVE-2026-47068 - Cross-session PubSub topic injection via URL parameter in phoenix_storybook\nCVE ID : CVE-2026-47068\n \n Published : May 20, 2026, 1:35 p.m. | 39\u00a0minutes ago\n \n Description : Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenix...", "creation_timestamp": "2026-05-20T15:28:18.415852Z"}, {"uuid": "28d4d354-7a88-4825-ad72-c6ab09513e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-47068", "type": "published-proof-of-concept", "source": "https://github.com/phenixdigital/phoenix_storybook/security/advisories/GHSA-mrhx-6pw9-q5fh", "content": "", "creation_timestamp": "2026-05-20T11:02:29.000000Z"}, {"uuid": "256ff6ba-f44c-4c03-ab6c-2e8ea3d0e646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47068", "type": "seen", "source": "https://gist.github.com/alon710/f640ae703fe7932b0c10bae26e654477", "content": "# CVE-2026-47068: CVE-2026-47068: Authorization Bypass via Cross-Session PubSub Topic Injection in phoenix_storybook\n\n> **CVSS Score:** 2.3\n> **Published:** 2026-06-09\n> **Full Report:** https://cvereports.com/reports/CVE-2026-47068\n\n## Summary\nA security vulnerability in the Elixir package phoenix_storybook (versions 0.4.0 up to 1.1.0) allows unauthenticated remote attackers to perform cross-session PubSub topic injection. By manipulating URL parameters, an attacker can hijack the real-time communications channel, enabling them to capture user state and control parameters from active sessions.\n\n## TL;DR\nUnauthenticated remote attackers can hijack active phoenix_storybook sessions by supplying a victim's PubSub topic via URL parameters, leading to potential cross-session state exposure.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-639\n- **Attack Vector**: Network\n- **CVSS Score**: 2.3 (Low)\n- **EPSS Score**: 0.00054\n- **Exploit Status**: No active public exploits\n- **KEV Status**: Not listed\n\n## Affected Systems\n\n- phoenix_storybook package for Elixir\n- **phoenix_storybook**: >= 0.4.0, < 1.1.0 (Fixed in: `1.1.0`)\n\n## Mitigation\n\n- Upgrade phoenix_storybook to version 1.1.0 or higher.\n- Ensure application endpoint configuration uses a secure, non-default secret_key_base.\n- Manually verify playground topic strings using Phoenix.Token in custom storybook setups.\n\n**Remediation Steps:**\n1. Inspect mix.exs to determine the current phoenix_storybook version.\n2. Update the dependency to `{:phoenix_storybook, \"~> 1.1.0\"}`.\n3. Run `mix deps.get` to download and compile the updated package.\n4. Verify deployment by inspecting URL parameters within the storybook playground iframe (should use 'playground_token' instead of 'topic').\n\n## References\n\n- [https://github.com/phenixdigital/phoenix_storybook/security/advisories/GHSA-mrhx-6pw9-q5fh](https://github.com/phenixdigital/phoenix_storybook/security/advisories/GHSA-mrhx-6pw9-q5fh)\n- [https://github.com/phenixdigital/phoenix_storybook/commit/6ee03f1c738d4436dde1b066cf65c80663d489f5](https://github.com/phenixdigital/phoenix_storybook/commit/6ee03f1c738d4436dde1b066cf65c80663d489f5)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-47068) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-09T22:51:34.000000Z"}]}