| CVE-2026-40293 |
medium |
6.5 |
6.5 |
|
|
|
2mo ago |
OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response |
| CVE-2026-41131 |
unknown |
— |
— |
|
|
|
1mo ago |
OpenFGA has Improper Policy Enforcement |
| CVE-2026-34972 |
unknown |
— |
— |
|
|
|
2mo ago |
OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision |
| CVE-2026-33729 |
unknown |
— |
— |
|
|
|
2mo ago |
OpenFGA has an Authorization Bypass through cached keys in github.com/openfga/openfga |
| CVE-2026-24851 |
unknown |
— |
— |
|
|
|
4mo ago |
OpenFGA Improper Policy Enforcement in github.com/openfga/openfga |
| CVE-2025-64751 |
unknown |
— |
— |
|
|
|
7mo ago |
OpenFGA Improper Policy Enforcement in github.com/openfga/openfga |
| CVE-2025-55213 |
unknown |
— |
— |
|
|
|
10mo ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2025-48371 |
unknown |
— |
— |
|
|
|
1y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2025-46331 |
unknown |
— |
— |
|
|
|
1y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2025-25196 |
unknown |
— |
— |
|
|
|
1y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2024-56323 |
unknown |
— |
— |
|
|
|
1y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2024-42473 |
unknown |
— |
— |
|
|
|
2y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2024-31452 |
unknown |
— |
— |
|
|
|
2y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2024-23820 |
unknown |
— |
— |
|
|
|
2y ago |
OpenFGA denial of service in github.com/openfga/openfga |
| CVE-2023-45810 |
unknown |
— |
— |
|
|
|
3y ago |
OpenFGA DoS vulnerability in github.com/openfga/openfga |
| CVE-2023-43645 |
unknown |
— |
— |
|
|
|
3y ago |
OpenFGA Vulnerable to DoS from circular relationship definitions in github.com/openfga/openfga |
| CVE-2023-40579 |
unknown |
— |
— |
|
|
|
3y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2023-35933 |
unknown |
— |
— |
|
|
|
3y ago |
Denial of service in github.com/openfga/openfga |
| CVE-2022-23542 |
unknown |
— |
— |
|
|
|
4y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2022-39352 |
unknown |
— |
— |
|
|
|
4y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2022-39341 |
unknown |
— |
— |
|
|
|
4y ago |
OpenFGA Authorization Bypass via tupleset wildcard in github.com/openfga/openfga |
| CVE-2022-39342 |
unknown |
— |
— |
|
|
|
4y ago |
OpenFGA Authorization Bypass in github.com/openfga/openfga |
| CVE-2022-39340 |
unknown |
— |
— |
|
|
|
4y ago |
OpenFGA subject to Information Disclosure via streamed-list-objects endpoint in github.com/openfga/openfga |
