CVE-2026-7573 MEDIUM

CVE-2026-7573: GetUserRoles API endpoint allows any authenticated user to enumerate ACL policies across all organizations

Vendor Velocidex
Product velociraptor
Weakness CWE-639 · IDOR
Published May 6, 2026
Last update May 6, 2026

CVSS base score

5.0/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy (roles and permissions) for any user across all organizations by supplying targeted Name and Org parameters via a network request.

Key dates

02Disclosure timeline

May 6, 2026 CVE published
May 6, 2026 Record updated