[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-GCVE-1-2026-0030":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-30T07:23:07.718Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":24,"related":25,"reserved_at":9,"published_at":26,"modified_at":26,"state":27,"summary":28,"references_raw":35,"kevs":41,"epss":9,"epss_history":42,"metrics":43,"affected":47},"GCVE-1-2026-0030","An improper access control vulnerability in the authentication key reset functionality allowed an authenticated organization administrator to reset authentication keys belonging to site administrator accounts within the same organization. Because non-site administrators were not explicitly prevented from accessing or resetting site administrator auth keys, an attacker with organization administrator privileges could potentially obtain a newly generated auth key for a higher-privileged account and use it to escalate privileges. The issue is fixed by preventing non-site administrators from viewing or resetting authentication keys associated with site administrator roles.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-863","Incorrect Authorization","The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.","weakness","Incomplete","Class","High",[],[],[],[],[],[],[],"2026-04-29T20:10:32.991353Z","PUBLISHED",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":30,"severity_score":31,"severity_version":32,"severity_source":33,"severity_vector":34,"severity_status":27},false,"critical",9.3,"v4.0","gcve","CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",[36],{"url":37,"sources":38,"tags":39},"https://github.com/MISP/MISP/commit/cb4048873ca934855007406b87ae0d124f50224a",[33],[40],"Patch",[],[],[44],{"source":33,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":45},{"baseScore":31,"baseSeverity":46,"vectorString":34,"impactScore":9,"exploitabilityScore":9},"CRITICAL",[48],{"ecosystem":9,"name":49,"vendor":49,"product":49,"cpe_part":50,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":51},"misp","a",[52],{"version":53,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":57,"fixed_in":9},"\u003C 2.5.37",true,"cve.org","\u003C2.5.37","excluding"]