PT-2026-25904 · Outline · Outline

Nlgbao1340 · Published 2026-03-17 · Updated 2026-03-17 · CVE-2026-24901

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Outline versions prior to 1.4.0

Description

Outline is a collaborative documentation service. A security issue exists in the document restoration logic that allows any team member to restore, view, and take ownership of deleted drafts belonging to other users, including administrators, without authorization. This is due to a bypass of ownership validation during the restoration process, potentially allowing an attacker to access sensitive private information and prevent the original owner from accessing their content. The issue does not affect versions 1.4.0 and later.

Recommendations

Versions prior to 1.4.0 should be updated to version 1.4.0 or later.

Exploit

Fix

IDOR

Weakness Enumeration

Related Identifiers

CVE-2026-24901
GHSA-GMR5-43F5-79F5

Affected Products

Outline