CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

EUVD-2026-28401

Snipe-IT has insecure permissions in file uploads...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

PT-2026-38544

Name of the Vulnerable Software and Affected Versions grokability snipe-it versions prior to 8.4.1 Description Insecure permissions allow a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component. Users with permissions to view assets or...

CVE-2026-37709

The CVE-2026-37709 entry concerns an Insecure Permissions vulnerability in grokability snipe-it ≤ v8.4.0 (fixed after 2026-03-10, commit 676a9958). A remote attacker could execute arbitrary code via app/Http/Controllers/Api/UploadedFilesController.php. The NVD/CVE data indicate a high-severity im...

Grokability Snipe-IT has incorrect authorization for accessing asset information

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

GHSA-H3VP-QWMX-5J25 Grokability Snipe-IT has incorrect authorization for accessing asset information

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

Snipe-IT 安全漏洞

Snipe-IT is an open source IT asset/license management system from Grokability Open Source. A security vulnerability exists in Snipe-IT versions prior to 8.1.0 that stems from improper authorization to access asset information...

CVE-2025-47226

Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information...

PT-2025-18923 · Unknown · Grokability Snipe-It

Name of the Vulnerable Software and Affected Versions: Grokability Snipe-IT versions prior to 8.1.0 Description: The issue concerns incorrect authorization for accessing asset information. Recommendations: For versions prior to 8.1.0, update to version 8.1.0 or later to resolve the issue...