2 matches found
CVE-2026-42202
creationtimestamp| type| source ---|---|--- 2026-05-08 23:19:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mleulbcgqp2e...
CVE-2026-42202
nova-toggle-5 enables fliping booleans in the index. Prior to version 1.3.0, the toggle endpoint POST/nova-vendor/nova-toggle/toggle/resource/resourceId was protected only by web + auth: middleware. Any user authenticated on the configured guard could call the endpoint and flip boolean attributes...