Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-3209
Awaiting Analysis
More InfoOfficial Page
Source-cna@vuldb.com
View Known Exploited Vulnerability (KEV) details
Published At-25 Feb, 2026 | 23:16
Updated At-27 Feb, 2026 | 14:06

A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. Upgrading to version 1.15.4-s.4 mitigates this issue. The identifier of the patch is 5e37c4e85fae68e756be5019a28ca903b161fdd5. Upgrading the affected component is advised.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.16.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Secondary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-266Primarycna@vuldb.com
CWE-284Primarycna@vuldb.com
CWE ID: CWE-266
Type: Primary
Source: cna@vuldb.com
CWE ID: CWE-284
Type: Primary
Source: cna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gist.github.com/henrrrychau/0457bef6776d0c99688f9cf55cdf55f7cna@vuldb.com
N/A
https://github.com/fosrl/pangolin/cna@vuldb.com
N/A
https://github.com/fosrl/pangolin/commit/5e37c4e85fae68e756be5019a28ca903b161fdd5cna@vuldb.com
N/A
https://github.com/fosrl/pangolin/pull/2511cna@vuldb.com
N/A
https://github.com/fosrl/pangolin/releases/tag/1.15.4-s.4cna@vuldb.com
N/A
https://vuldb.com/?ctiid.347796cna@vuldb.com
N/A
https://vuldb.com/?id.347796cna@vuldb.com
N/A
https://vuldb.com/?submit.765676cna@vuldb.com
N/A
Hyperlink: https://gist.github.com/henrrrychau/0457bef6776d0c99688f9cf55cdf55f7
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://github.com/fosrl/pangolin/
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://github.com/fosrl/pangolin/commit/5e37c4e85fae68e756be5019a28ca903b161fdd5
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://github.com/fosrl/pangolin/pull/2511
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://github.com/fosrl/pangolin/releases/tag/1.15.4-s.4
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?ctiid.347796
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?id.347796
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?submit.765676
Source: cna@vuldb.com
Resource: N/A
Change History
0Changes found
Details not found