CVE-2026-5380: CWE-863 Incorrect Authorization in runZero Platform
CVE-2026-5380 is a medium severity vulnerability in the runZero Platform that involves incorrect authorization, allowing an authorized user to view clear-text secrets for certain credential types and fields. This vulnerability is classified under CWE-863 (Incorrect Authorization) and CWE-522 (Insufficiently Protected Credentials). It has a CVSS 3. 1 base score of 5. 3, indicating a moderate impact on confidentiality without affecting integrity or availability. The issue was fixed in version 4. 0. 260204. 2 of the runZero Platform. No known exploits are reported in the wild, and the product is not a cloud service.
AI Analysis
Technical Summary
CVE-2026-5380 is an authorization vulnerability in the runZero Platform that allowed authorized users to access clear-text secrets for a subset of credential types and fields, representing insufficient protection of credentials (CWE-522) and incorrect authorization (CWE-863). The vulnerability has a CVSS 3.1 score of 5.3 (medium severity) with network attack vector, high attack complexity, no privileges required, and user interaction required. The vulnerability was resolved in runZero Platform version 4.0.260204.2. The product is not cloud-hosted, and no official remediation level is specified in the available data.
Potential Impact
An authorized user could view sensitive clear-text secrets for certain credential types, potentially exposing confidential information. The vulnerability impacts confidentiality but does not affect integrity or availability. There are no known exploits in the wild, and the attack complexity is high with required user interaction, limiting ease of exploitation.
Mitigation Recommendations
The vulnerability was fixed in runZero Platform version 4.0.260204.2. Users should upgrade to this version or later to remediate the issue. Patch status is not explicitly confirmed in the provided data; therefore, users should consult the official vendor advisory for the latest remediation guidance. Since the product is not a cloud service, remediation depends on user-applied updates.
CVE-2026-5380: CWE-863 Incorrect Authorization in runZero Platform
Description
CVE-2026-5380 is a medium severity vulnerability in the runZero Platform that involves incorrect authorization, allowing an authorized user to view clear-text secrets for certain credential types and fields. This vulnerability is classified under CWE-863 (Incorrect Authorization) and CWE-522 (Insufficiently Protected Credentials). It has a CVSS 3. 1 base score of 5. 3, indicating a moderate impact on confidentiality without affecting integrity or availability. The issue was fixed in version 4. 0. 260204. 2 of the runZero Platform. No known exploits are reported in the wild, and the product is not a cloud service.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-5380 is an authorization vulnerability in the runZero Platform that allowed authorized users to access clear-text secrets for a subset of credential types and fields, representing insufficient protection of credentials (CWE-522) and incorrect authorization (CWE-863). The vulnerability has a CVSS 3.1 score of 5.3 (medium severity) with network attack vector, high attack complexity, no privileges required, and user interaction required. The vulnerability was resolved in runZero Platform version 4.0.260204.2. The product is not cloud-hosted, and no official remediation level is specified in the available data.
Potential Impact
An authorized user could view sensitive clear-text secrets for certain credential types, potentially exposing confidential information. The vulnerability impacts confidentiality but does not affect integrity or availability. There are no known exploits in the wild, and the attack complexity is high with required user interaction, limiting ease of exploitation.
Mitigation Recommendations
The vulnerability was fixed in runZero Platform version 4.0.260204.2. Users should upgrade to this version or later to remediate the issue. Patch status is not explicitly confirmed in the provided data; therefore, users should consult the official vendor advisory for the latest remediation guidance. Since the product is not a cloud service, remediation depends on user-applied updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- runZero
- Date Reserved
- 2026-04-01T20:20:38.604Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d51c41aaed68159a2c16c4
Added to database: 4/7/2026, 3:01:21 PM
Last enriched: 4/14/2026, 4:01:55 PM
Last updated: 5/22/2026, 8:32:31 PM
Views: 52
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.