PT-2026-57345 · Undefined · Undefined

Published

2026-07-10

·

Updated

2026-07-10

·

CVE-2026-59979

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
New one on the board: CVE-2026-59979. Cross-tenant IDOR in Yosemite-Crew (OSS vet practice mgmt). Their security-fix PR added RBAC to the create routes but forgot the update/delete ones so any low-priv user (even a patient account) could edit or delete another clinic's data. https://t.co/4NobkLLi91
Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

CVE-2026-59979

Affected Products

Undefined