SB2026070764 - Authorization bypass through user-controlled key in Graylog



SB2026070764 - Authorization bypass through user-controlled key in Graylog

Published: July 7, 2026

Security Bulletin ID SB2026070764
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Authorization bypass through user-controlled key (CVE-ID: N/A)

CWE-ID: CWE-639 - Authorization Bypass Through User-Controlled Key

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to modify ownership of saved searches and dashboards to gain unauthorized control.

The vulnerability exists due to authorization bypass through user-controlled key in the API endpoint for updating saved searches and dashboards when handling update requests. A remote user can assign owner permissions to an arbitrary account to modify ownership of saved searches and dashboards to gain unauthorized control.

This can be used to delete the affected saved search or dashboard or remove the original owner's access.


Remediation

Install update from vendor's website.