PT-2026-57345 · Undefined · Undefined
Published
2026-07-10
·
Updated
2026-07-10
·
CVE-2026-59979
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
New one on the board: CVE-2026-59979. Cross-tenant IDOR in Yosemite-Crew (OSS vet practice mgmt). Their security-fix PR added RBAC to the create routes but forgot the update/delete ones so any low-priv user (even a patient account) could edit or
delete another clinic's data. https://t.co/4NobkLLi91
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined