Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-48096

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-10 Jun, 2026 | 15:09
Updated At-10 Jun, 2026 | 19:41
Rejected At-
Credits

OpenFGA: Cache-key delimiter injection in openfga/openfga shared-iterator and v2 iterator caches enables intra-store authorization-decision poisoning

OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. This issue has been patched in version 1.16.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:10 Jun, 2026 | 15:09
Updated At:10 Jun, 2026 | 19:41
Rejected At:
▼CVE Numbering Authority (CNA)
OpenFGA: Cache-key delimiter injection in openfga/openfga shared-iterator and v2 iterator caches enables intra-store authorization-decision poisoning

OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. This issue has been patched in version 1.16.0.

Affected Products
Vendor
openfga
Product
openfga
Versions
Affected
  • < 1.16.0
Problem Types
TypeCWE IDDescription
CWECWE-345CWE-345: Insufficient Verification of Data Authenticity
CWECWE-668CWE-668: Exposure of Resource to Wrong Sphere
Type: CWE
CWE ID: CWE-345
Description: CWE-345: Insufficient Verification of Data Authenticity
Type: CWE
CWE ID: CWE-668
Description: CWE-668: Exposure of Resource to Wrong Sphere
Metrics
VersionBase scoreBase severityVector
3.15.0MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/openfga/openfga/security/advisories/GHSA-8396-jffm-qx4w
x_refsource_CONFIRM
https://github.com/openfga/openfga/releases/tag/v1.16.0
x_refsource_MISC
Hyperlink: https://github.com/openfga/openfga/security/advisories/GHSA-8396-jffm-qx4w
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/openfga/openfga/releases/tag/v1.16.0
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:10 Jun, 2026 | 16:17
Updated At:12 Jun, 2026 | 00:46

OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. This issue has been patched in version 1.16.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.0MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CPE Matches
openfga
openfga
>>helm_charts>>Versions before 0.3.5(exclusive)
cpe:2.3:a:openfga:helm_charts:*:*:*:*:*:openfga:*:*
openfga
openfga
>>openfga>>Versions before 1.16.0(exclusive)
cpe:2.3:a:openfga:openfga:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-345Primarysecurity-advisories@github.com
CWE-668Primarysecurity-advisories@github.com
CWE ID: CWE-345
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-668
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/openfga/openfga/releases/tag/v1.16.0security-advisories@github.com
Product
Release Notes
https://github.com/openfga/openfga/security/advisories/GHSA-8396-jffm-qx4wsecurity-advisories@github.com
Vendor Advisory
Hyperlink: https://github.com/openfga/openfga/releases/tag/v1.16.0
Source: security-advisories@github.com
Resource:
Product
Release Notes
Hyperlink: https://github.com/openfga/openfga/security/advisories/GHSA-8396-jffm-qx4w
Source: security-advisories@github.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

56Records found
CVE-2024-25584
Matching Score-4
Assigner-Open-Xchange
ShareView Details
Matching Score-4
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 8.45%
||
7 Day CHG~0.00%
Published-06 Sep, 2024 | 15:02
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest released version. No publicly available exploits are known.

Action-Not Available
Vendor-Open-Xchange AG
Product-OX Dovecot Pro
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-1718
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 9.90%
||
7 Day CHG~0.00%
Published-04 Jun, 2024 | 05:32
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Claudio Sanches – Checkout Cielo for WooCommerce <= 1.1.0 - Insufficient Verification of Data Authenticity to Order Payment Status Update

The Claudio Sanches – Checkout Cielo for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient payment validation in the update_order_status() function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to update the status of orders to paid bypassing payment.

Action-Not Available
Vendor-claudiosanches
Product-Claudio Sanches – Checkout Cielo for WooCommerce
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-27305
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.37% / 28.90%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 20:29
Updated-22 Jan, 2025 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SMTP smuggling in aiosmtpd

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send smuggle/spoof e-mails with fake sender addresses, allowing advanced phishing attacks. This issue is also existed in other SMTP software like Postfix. With the right SMTP server constellation, an attacker can send spoofed e-mails to inbound/receiving aiosmtpd instances. This issue has been addressed in version 1.4.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-aio-libsaio-libsaio-libs
Product-aiosmtpdaiosmtpdaiosmtpd
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-21597
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.38% / 29.27%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 00:53
Updated-03 Jun, 2025 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context. This issue affects Juniper Networks Junos OS on MX Series: * All versions earlier than 20.4R3-S9; * 21.2 versions earlier than 21.2R3-S3; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3; * 22.2 versions earlier than 22.2R3; * 22.3 versions earlier than 22.3R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2024-1321
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 17.00%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 15:26
Updated-08 Apr, 2026 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Unauthenticated Booking Payment Bypass

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 3.4.2. This is due to the plugin allowing unauthenticated users to update the status of order payments. This makes it possible for unauthenticated attackers to book events for free.

Action-Not Available
Vendor-Metagauss Inc.
Product-eventprimeEventPrime – Events Calendar, Bookings and Ticketseventprime
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-5548
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-3.3||LOW
EPSS-0.29% / 21.04%
||
7 Day CHG~0.00%
Published-09 Nov, 2023 | 19:36
Updated-02 Aug, 2024 | 07:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Moodle: cache poisoning risk with endpoint revision numbers

Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.

Action-Not Available
Vendor-Moodle Pty LtdFedora Project
Product-extra_packages_for_enterprise_linuxfedoramoodle
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
  • Previous
  • 1
  • 2
  • Next
Details not found