CVE-2026-7573

Name of the Vulnerable Software and Affected Versions Velocidex Velociraptor versions prior to 0.76.5

Description An authorization bypass in the 'GetUserRoles' gRPC API endpoint allows any authenticated low-privilege user to retrieve the complete Access Control List (ACL) policy, including roles and permissions, for any user across all organizations. This is achieved by supplying targeted Name and Org parameters via a network request.

Recommendations Update to version 0.76.5 or later.