Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-58653

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-02 Jul, 2026 | 12:34
Updated At-02 Jul, 2026 | 13:15
Rejected At-
Credits

PraisonAI - Authorization Bypass via Unvalidated project_id in Issue Create/Update

PraisonAI before 0.1.7 fails to validate that project_id in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace constraints.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:02 Jul, 2026 | 12:34
Updated At:02 Jul, 2026 | 13:15
Rejected At:
▼CVE Numbering Authority (CNA)
PraisonAI - Authorization Bypass via Unvalidated project_id in Issue Create/Update

PraisonAI before 0.1.7 fails to validate that project_id in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace constraints.

Affected Products
Vendor
PraisonAI
Product
PraisonAI
Default Status
unaffected
Versions
Affected
  • From 0 before 0.1.7 (semver)
Unaffected
  • 0.1.7 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-639Authorization Bypass Through User-Controlled Key
Type: CWE
CWE ID: CWE-639
Description: Authorization Bypass Through User-Controlled Key
Metrics
VersionBase scoreBase severityVector
4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
sai-sh
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x
vendor-advisory
https://www.vulncheck.com/advisories/praisonai-authorization-bypass-via-unvalidated-project-id-in-issue-create-update
third-party-advisory
Hyperlink: https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x
Resource:
vendor-advisory
Hyperlink: https://www.vulncheck.com/advisories/praisonai-authorization-bypass-via-unvalidated-project-id-in-issue-create-update
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x
exploit
Hyperlink: https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:02 Jul, 2026 | 13:17
Updated At:02 Jul, 2026 | 18:47

PraisonAI before 0.1.7 fails to validate that project_id in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace constraints.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
N/A
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-639Secondarydisclosure@vulncheck.com
CWE ID: CWE-639
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7xdisclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/praisonai-authorization-bypass-via-unvalidated-project-id-in-issue-create-updatedisclosure@vulncheck.com
N/A
https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/praisonai-authorization-bypass-via-unvalidated-project-id-in-issue-create-update
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-2fjj-qqg8-fg7x
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

159Records found

CVE-2024-11073
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 42.00%
||
7 Day CHG~0.00%
Published-11 Nov, 2024 | 17:00
Updated-18 Nov, 2024 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Hospital Management System delete-account.php improper authorization

A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of the argument id leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-mayuri_kSourceCodester
Product-hospital_management_systemHospital Management System
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-11275
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.32% / 23.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2024 | 08:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes it possible for authenticated attackers, with Timetics Customer access and above, to delete arbitrary users.

Action-Not Available
Vendor-arraytics
Product-Timetics – Appointment Booking & Scheduling
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2023-7198
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-4.3||MEDIUM
EPSS-0.40% / 32.11%
||
7 Day CHG~0.00%
Published-27 Feb, 2024 | 08:30
Updated-01 May, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WPDashboardNotes < 1.0.11 - Unauthorised Deletion of Private Notes

The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References (IDOR) in post_id= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises the integrity and privacy of user data.

Action-Not Available
Vendor-jeroensormaniUnknownwp-dashboard-notes
Product-wp_dashboard_notesWP Dashboard Noteswp_dashboard_notes
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2023-6506
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.47% / 37.31%
||
7 Day CHG~0.00%
Published-11 Jan, 2024 | 06:49
Updated-08 Apr, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP 2FA <= 2.5.0 - Insecure Direct Object Reference to Arbitrary Email Sending

The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the send_backup_codes_email due to missing validation on a user controlled key. This makes it possible for subscriber-level attackers to email arbitrary users on the site.

Action-Not Available
Vendor-wpwhitesecuritymelapress
Product-wp_2faWP 2FA – Two-factor authentication for WordPress
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-49765
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.40% / 32.00%
||
7 Day CHG~0.00%
Published-21 Dec, 2023 | 18:29
Updated-28 Apr, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Rate my Post – WP Rating System Plugin <= 3.4.1 is vulnerable to Insecure Direct Object References (IDOR)

Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1.

Action-Not Available
Vendor-blazzdevBlaz K.
Product-rate_my_postRate my Post – WP Rating System
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2023-50267
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.34% / 25.72%
||
7 Day CHG~0.00%
Published-28 Dec, 2023 | 15:13
Updated-09 Sep, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MeterSphere horizontal privilege escalation vulnerability of resources in project scope.

MeterSphere is a one-stop open source continuous testing platform. Prior to 2.10.10-lts, the authenticated attackers can update resources which don't belong to him if the resource ID is known. This issue if fixed in 2.10.10-lts. There are no known workarounds.

Action-Not Available
Vendor-MeterSphere (FIT2CLOUD Inc.)
Product-meterspheremetersphere
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-2080
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-4.3||MEDIUM
EPSS-0.65% / 46.40%
||
7 Day CHG+0.02%
Published-29 Aug, 2022 | 14:40
Updated-03 Aug, 2024 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR

The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message is either the teacher or the original sender, allowing any authenticated user to send messages to arbitrary private conversation via a IDOR attack. Note: Attackers are not able to see responses/messages between the teacher and student

Action-Not Available
Vendor-UnknownAutomattic Inc.
Product-sensei_lmsSensei LMS – Online Courses, Quizzes, & Learning
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2023-48304
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.60% / 44.53%
||
7 Day CHG~0.00%
Published-21 Nov, 2023 | 22:06
Updated-02 Aug, 2024 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nextcloud Server vulnerable to attacker enabling/disabling birthday calendar for any user

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, an attacker could enable and disable the birthday calendar for any user on the same server. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available.

Action-Not Available
Vendor-Nextcloud GmbH
Product-nextcloud_serversecurity-advisories
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2022-0442
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-4.3||MEDIUM
EPSS-0.64% / 46.35%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 08:16
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UsersWP < 1.2.3.1 - Subscriber+ User Avatar Override

The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar.

Action-Not Available
Vendor-ayecodeUnknown
Product-userswpUsersWP – User Registration & User Profile
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found