CVE-2026-53644 - FOSSBilling's missing order-state validation allows clients to read and reset API key secrets for non-active orders
CVE ID :CVE-2026-53644 Published : July 6, 2026, 11:16 p.m. | 1 hour, 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that...