9.8
/ 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
CVE-2026-56782 — Gorse Unauthenticated Database Dump / Restore Auth Bypass Gorse /api/dump and /api/restore are gated by an admin check that fails open when no key is configured — the default. An unauthenticated, network-reachable attacker can...
Basic Information
ID
2FA22502-8DE9-5029-A733-3794A93C93F9
Published
Jun 29, 2026 at 22:09
Modified
Jun 29, 2026 at 22:10