Summary
OpenBao's System Backend allows Unauthorized Management of the containing Namespace
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-FCVX-5CXC-V5P8
OpenClaw: Slack reaction events could ignore reaction notification settings
- MEDIUMGHSA-JR45-52CW-69H5
NL Portal Backend Libraries: Document contents remained downloadable by any logged-in user (incomplete fix of CVE-2026-49463)
- HIGHGHSA-RH39-9C67-59MH
PraisonAI: Missing ownership check on DELETE endpoints allows members to delete others' content in Platform API
- HIGHGHSA-869J-R97X-HX2G
Anki's local HTTP server does not sufficiently validate requests
- MEDIUMGHSA-JV2J-MQMW-XVV5
SurrealDB: Denial of Service via deep operator chains
- MEDIUMGHSA-HV6H-HC26-Q48P
SurrealDB: Field-level SELECT permissions bypassed via graph and reference traversals