2 matches found
GHSA-VV3H-7QWR-722V Anytype Heart's gRPC API client challenge verification can be bypassed on localhost
Impact The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. Affected components: - Anytype Desktop all platforms ≤ v0.48.2 - Anytype-CLI headless deployments ≤ v0.1.9 Not affected: - Anytype mobile apps iOS...
PT-2026-24757
Name of the Vulnerable Software and Affected Versions Anytype Heart versions prior to 0.48.4 Anytype-CLI versions prior to 0.1.11 Anytype Desktop versions prior to 0.54.5 Description The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain...