A user with API access and "manage users" permission in any venueless
world is able to trigger deletion of user accounts in other worlds.
CVSS
No CVSS.
References
Configurations
No configuration.
History
05 Apr 2026, 13:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-04-05 13:17
Updated : 2026-04-07 13:20
NVD link : CVE-2026-5599
Mitre link : CVE-2026-5599
CVE.ORG link : CVE-2026-5599
JSON object : View
Products Affected
No product.
CWE
CWE-653
Improper Isolation or Compartmentalization