PT-2026-30873 · Unknown · Runzero Platform

Runzero

Published

2026-04-07

Updated

2026-04-07

CVE-2026-5378

CVSS v3.1

6.8

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions runZero Platform versions prior to 4.0.260203.0

Description An issue allowed administrators to create and update users outside of their authorized organization scope. This is an instance of CWE-863: Incorrect Authorization.

Recommendations Update to version 4.0.260203.0 or later.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2026-5378

Affected Products

Runzero Platform

PT-2026-30873 · Unknown · Runzero Platform

CVE-2026-5378

Weakness Enumeration

Related Identifiers

Affected Products

References · 5