Misskey · Misskey · CVE-2026-28433
**Name of the Vulnerable Software and Affected Versions**
Misskey versions 10.93.0 through 2026.3.0
**Description**
Misskey is a federated social media platform. A flaw exists that allows importing data belonging to other users because of insufficient ownership validation. The potential impact is considered low, as exploitation requires knowledge of the target file ID.
**Recommendations**
Update to version 2026.3.1 or later.