CVE-2026-27603 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the chart…

High CVSS: 8.7

CVE-2026-27603

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the chart filter endpoint POST /project/:project_id/chart/:chart_id/filter is missing both verifyToken and checkPermissions middleware, allowing unauthenticated users to access chart data from any team/project. This issue has been patched in version 4.8.4.

Vendor

Product

CWE

Yayın Tarihi

2026-03-06 05:16:30

Güncelleme

2026-03-10 14:02:36

Source Identifier

security-advisories@github.com

KEV Date Added

-

Kategoriler

CWE-306 Chartbrew HIGH Depomo 2026

Referanslar

https://github.com/chartbrew/chartbrew/releases/tag/v4.8.4 https://github.com/chartbrew/chartbrew/security/advisories/GHSA-9fhr-5vvc-p455

Benzer Kayıtlar

Medium

CVE-2026-27605

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

High

CVE-2026-27005

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

High

CVE-2026-25887

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

High

CVE-2026-25888

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

Medium

CVE-2026-25877

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…