3 matches found
CVE-2026-58580
LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate methods filter target rows by message id alone, omitting the userId scope that sibli...
CVE-2025-62503
User with CREATE and no UPDATE privilege for Pools, Connections, Variables could update existing records via bulk create API with overwrite action...
CVE-2025-62503 Apache Airflow: Privilege boundary bypass in bulk APIs (create action can upsert existing Pools/Connections/Variables)
User with CREATE and no UPDATE privilege for Pools, Connections, Variables could update existing records via bulk create API with overwrite action...