CVE Catalog

CVE-2026-56355

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile — higher than 27% of all known CVEs

Summary

GNU Savannah Administration Savane through version 3.17 uses untrusted data as part of authorization, which may lead to unauthorized access.

Risk Assessment

Organizations may be exposed to attacks that allow unauthorized access to systems and data.

Recommendation

It is recommended to upgrade to the latest version of Savane to eliminate the risk associated with the use of untrusted data.

Original NVD description (English source)

GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS