CVE-2026-5382

CVSS v3.1

3.0

Low

Vector

AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions runZero Platform versions prior to 4.0.260206.0

Description The software contains an authorization issue that could expose records outside of the authorized organization scope through the MCP endpoints. The issue is classified as CWE-863: Incorrect Authorization.

Recommendations Update to version 4.0.260206.0 or later.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2026-5382

Affected Products

Runzero Platform

CVE-2026-5382

Weakness Enumeration

Related Identifiers

Affected Products

References · 6