Threats Tagged 'cve-2026-32097'
View all threats tagged with 'cve-2026-32097'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-32097'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-32097: CWE-639: Authorization Bypass Through User-Controlled Key in comppolicylab pingpongCVE-2026-32097 0 CVE-2026-32097 is a high-severity authorization bypass vulnerability in the PingPong platform by comppolicylab, affecting versions prior to 7. 27. 2. Authenticated users with minimal permissions can exploit this flaw to retrieve or delete files outside their authorized scope, including private user-uploaded and model-generated files. Exploitation requires authentication and some level of thread access but no user interaction or elevated privileges beyond limited read or participation rights. The vulnerability stems from improper authorization checks related to user-controlled keys, classified under CWE-639. No known exploits are currently reported in the wild, and the issue is fixed in version 7. 27. 2. Organizations using affected versions should prioritize patching to prevent potential data breaches or data loss. Join the discussion | CVE Database V5 | 03/11/2026, 19:55:51 UTC Added: 03/11/2026, 20:14:48 UTC |
Showing 1 to 1 of 1 result