CVE-2026-42158 Flowsint: Broken Access Control allows modification of investigation metadata from any user

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, an adversary with knowledge of an investigation ID, could update the metadata of an investigation of another user. This vulnerability is fixed in 1.2.3...

CVE-2026-42158

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, an adversary with knowledge of an investigation ID, could update the metadata of an investigation of another user. This vulnerability is fixed in 1.2.3...

CVE-2026-42158

Flowsint prior to 1.2.3 has a broken access control issue that lets an attacker who knows an investigation ID modify metadata of another user’s investigation. Affected product: Flowsint OSINT graph exploration tool. Root cause: unauthorized update of investigation metadata due to inadequate acces...

CVE-2026-42158 Flowsint: Broken Access Control allows modification of investigation metadata from any user

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, an adversary with knowledge of an investigation ID, could update the metadata of an investigation of another user. This vulnerability is fixed in 1.2.3...