3 matches found
Incorrect Authorization
Overview @powersync/service-sync-rules is an A library containing logic for PowerSync sync rules. Affected versions of this package are vulnerable to Incorrect Authorization in the stream synchronization with config.edition: 3 and subquery filters are used without partitioning the result set. An...
CVE-2026-30870 Some sync filters in PowerSync Service ignored using `config.edition: 3`
PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration, this could result in...
PT-2026-24089
Name of the Vulnerable Software and Affected Versions PowerSync versions prior to 1.20.1 Description The PowerSync Service, a server-side component of the PowerSync sync engine, had an issue in version 1.20.0 where subquery filters were ignored when determining data synchronization for users with...