2 matches found
CVE-2026-42571
Pelican Web UI privilege escalation affects multiple series (7.21.x before 7.21.5, 7.22.x before 7.22.3, 7.23.x before 7.23.3, 7.24.x before 7.24.2). An authenticated WebUI user via OAuth can gain admin privileges under certain configurations. Patches are available in 7.21.5, 7.22.3, 7.23.3, and ...
GHSA-RPFR-X88X-XWCW Pelican Web UI Affected by a Privilege Escalation Attack
Background On April 2nd, 2026, a Claude coding agent alerted Pelican PI Brian Bockelman to a privilege escalation vulnerability affecting Pelican's Web User Interface WebUI for various versions between v7.21 and v7.24. Upon further investigation, the Pelican team discovered this attack allows any...