3 matches found
CVE-2026-27953
ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validation by injecting "pkonly": true into a JSON request body. By injecting "pkonly": true into a JSON...
CVE-2026-27953
Summary: CVE-2026-27953 affects ormar (Python)
EUVD-2026-13198
ormar Pydantic Validation Bypass via pkonly and excluded Kwargs Injection in Model Constructor...