4 matches found
Rapid7 Velociraptor < 0.75.8 / 0.76.x < 0.76.3 Incorrect Authorization (CVE-2026-6290)
The version of Rapid7 Velociraptor installed on the remote host is prior to 0.75.8 or 0.76.x prior to 0.76.3. It is, therefore, affected by an incorrect authorization vulnerability:
- Velociraptor contains a vulnerability in the query plugin which allows access to all orgs with the user's current...
CVE-2026-6290
creationtimestamp | type | source
---|---|---
2026-04-15 19:22:05+00:00 | published-proof-of-concept | Telegram/QjGcBmjsxbZ4Amc1U1V8p7QxKw60FZ8Kw92T8xX9Q9AP7c
2026-04-15 19:22:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mjkmky75mp23
2026-04-24 00:07:07+00:00 | seen | ...
Incorrect Authorization
Overview
Affected versions of this package are vulnerable to Incorrect Authorization in the query plugin. An attacker can gain unauthorized access to resources belonging to other organizations by executing VQL queries with their current ACL token, thereby inheriting their permissions across...
CVE-2026-6290
Velociraptor CVE-2026-6290 affects versions prior to 0.76.3, due to an incorrect authorization flaw in the query() plugin that lets a GUI user with access in one org execute VQL against other orgs using their current ACL token. The underlying issue is that the plugin’s authorization does not prop...