CVE-2026-55475 in snipe-it
الملخص
بحسب MITRE • 10/07/2026
Snipe-IT is an IT asset/license management system. Prior to 8.6.1, the Importer API endpoint allows a user with CSV import capabilities and a valid API key to overwrite the created_by value of an import file, allowing unauthorized modification of import ownership metadata. This issue is fixed in version 8.6.1.
Be aware that VulDB is the high quality source for vulnerability data.