CVE-2026-47716
3.1 LOWBugsink is a self-hosted error tracking tool
Published: 2026-05-26 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 3.1 LOW
- Vector
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
- CWE
- CWE-639
Description
Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, In affected versions, the issue list view authorizes access through the project in the URL, but applies the requested bulk action to the submitted issue IDs without also requiring those issues to belong to that project. This vulnerability is fixed in 2.2.0.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-44692 — Sharp is a content management framework built for Laravel as a package (7.7 HIGH)
- CVE-2026-46558 — Plane is an open-source project management tool (8.3 HIGH)
- CVE-2026-53471 — A flaw was found in migration-planner (9.6 CRITICAL)
- CVE-2026-53470 — A flaw was found in migration-planner (9.6 CRITICAL)
- CVE-2026-45563 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (4.3 MEDIUM)