Vulnerabilities

Report: CVE-2026-35479 - InvenTree Plugin Installation - Insufficient Permissions

2026-04-08 0 views admin

CVE ID :CVE-2026-35479 Published : April 8, 2026, 8:16 p.m. | 18 minutes ago Description :InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring

CVE Details

CVE ID

CVE-2026-35479

Published

April 8, 2026

🏷️ Tags

report35479inventreeplugininstallationinsufficientpermissionspublishedcverce

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-35479 - InvenTree Plugin Installation - Insufficient Permissions

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-45615 - mouse07410/asn1c: 1-byte Heap Out-of-Bounds Read in `INTEGER_decode_oer` via Mal

Report: Complete Guide to CVE-2026-45610 - WWBN AVideo plugin/LoginControl/set.json.php: 2FA toggle endpoint has no CSRF pr...

Report: Complete Guide to CVE-2026-45582 - n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shape...

Report: CVE-2026-45580 - WWBN AVideo Live: stored XSS via unescaped stream key in modeYoutubeLive.php cla

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting