QSearchQSearch

CVE-2026-7573

5.0 MEDIUM

An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authent...

Published: 2026-05-06 · Last updated: 2026-06-01

Severity and scoring

CVSS
5.0 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CWE
CWE-639

Affected products

VendorProduct
rapid7velociraptor

Description

An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy (roles and permissions) for any user across all organizations by supplying targeted Name and Org parameters via a network request.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-7572 An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 ... (4.4 MEDIUM)
  • CVE-2026-4482 The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users... (5.5 MEDIUM)
  • CVE-2026-4837 An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to... (6.6 MEDIUM)

Same CWE

  • CVE-2026-53863 OpenClaw before 2026.4.25 contains an input validation vulnerability in tool group policy callers that accept unvalidated group IDs (7.1 HIGH)
  • CVE-2026-10780 The Static Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2 (4.3 MEDIUM)
  • CVE-2026-48599 Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify res...
  • CVE-2026-52699 Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions (7.5 HIGH)
  • CVE-2026-48872 Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions (7.5 HIGH)