CVE-2026-34972 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under spe…
Medium CVSS: 5.0

CVE-2026-34972

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under specific conditions, BatchCheck calls with multiple checks sent for the same object, relation, and user combination can result in improper policy enforcement. This vulnerability is fixed in 1.14.0.
Vendor
-
Product
-
CWE
CWE-863
Yayın Tarihi
2026-04-06 21:16:19
Güncelleme
2026-04-06 21:16:19
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-863 MEDIUM 2026

Referanslar

https://github.com/openfga/openfga/security/advisories/GHSA-jwvj-g8pc-cx45