CVE-2026-7573

Published: May 6, 2026Modified: Jun 1, 2026

7.7

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Exploitability: 3.1 / Impact: 4.0

Source: NVD

Description

An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy (roles and permissions) for any user across all organizations by supplying targeted Name and Org parameters via a network request.

Affected (1)

Products: Rapid7: Velociraptor

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rapid7 Velociraptor	Before 0.76.5

Running on/with	Platform Versions
Linux Linux Kernel	All versions

Related CWEs

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (1)

https://docs.velociraptor.app/announcements/advisories/cve-2026-7573/

Source: cve@rapid7.com

Vendor Advisory

Timeline

No history available yet.