Threats Tagged 'cve-2026-32697'
View all threats tagged with 'cve-2026-32697'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-32697'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-32697: CWE-639: Authorization Bypass Through User-Controlled Key in SuiteCRM SuiteCRM-CoreCVE-2026-32697 0 CVE-2026-32697 is an authorization bypass vulnerability in SuiteCRM-Core versions prior to 8.9.3. The vulnerability arises because the getRecord() method does not verify user permissions before retrieving records, allowing users with limited privileges to access sensitive data they should not view. Although the saveRecord() method correctly enforces access control, the missing ACL check in getRecord() leads to a confidentiality breach. This flaw has a CVSS score of 6.5, indicating medium severity, and does not require user interaction but does require some level of privileges. The issue was patched in version 8.9.3. Join the discussion | CVE Database V5 | 03/19/2026, 23:13:08 UTC Added: 03/19/2026, 23:24:20 UTC |
Showing 1 to 1 of 1 result