5 matches found
CVE-2026-46668
A flaw was found in SpiceDB, an open-source database system for managing application permissions. This vulnerability occurs due to improper cache reuse when processing caveat structures that contain nested lists. This could lead to unexpected behavior or a low impact on confidentiality, potential...
Incorrect Permission Assignment for Critical Resource
Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource through improper handling of caveat structures containing nested lists in the caching process. An attacker can gain unauthorized access to protected resources by crafting requests th...
Incorrect Permission Assignment for Critical Resource
Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource through improper handling of caveat structures containing nested lists in the caching process. An attacker can gain unauthorized access to protected resources by crafting requests th...
EUVD-2026-36122
SpiceDB is an open source database system for creating and managing security-critical application permissions. From version 1.15.0 to before version 1.52.0, caveat structures with nested lists can result in improper cache reuse. This issue has been patched in version 1.52.0...
PT-2026-42696
Name of the Vulnerable Software and Affected Versions SpiceDB versions 1.15.0 through 1.51.x Description Caveat structures containing nested lists can lead to improper cache reuse. This occurs when the system processes these structures using the 'CheckBulkPermissions' endpoint or the...