CVE-2026-11439

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

CVE-2026-11439 theonedev Parent Project projects improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5. Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Project Handler. The manipulation of the argument project.parentId results in improper authorization. The attack may be performed from...

CVE-2026-11439

The vulnerability CVE-2026-11439 affects Theonedev Onedev up to version 15.0.5 in the Parent Project Handler, specifically the /projects/ function where manipulating the argument project.parentId leads to improper authorization. The attack may be executed remotely. A fix is available in version 1...

PT-2026-47163

Name of the Vulnerable Software and Affected Versions onedev versions prior to 15.0.6 Description Improper authorization exists in the Parent Project Handler component within the '/projects/' file. A remote attacker can manipulate the project.parentId argument to bypass authorization controls...

OneDev 授权问题漏洞

OneDev is a JAVA-based multi-functional DevOps platform developed by Theonedev team. This platform supports container building, orchestration, CI, Git management, and team collaboration, helping developers create a simple yet powerful development platform. Versions of OneDev prior to 15.0.5 have...