CVE Catalog
CVE-2026-28380
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.23%
13th percentile - higher than 13% of all known CVEs
Summary
Any editor could delete any snapshot, even if they have no access to read or write them.
Risk Assessment
The ability for unauthorized users to delete snapshots may lead to data loss and disruption of system operations.
Recommendation
It is recommended to restrict editors' permissions to delete snapshots and implement additional authorization mechanisms.
Original NVD description (English source)
Any Editor could delete any snapshot, even if they have no access to read or write them.

