CVE-2026-12593 - Privilege escalation via forged API token creation in Axivion Dashboard OIDC/OAuth2/SSO subsystem
CVE ID :CVE-2026-12593 Published : July 9, 2026, 2:16 p.m. | 16 minutes ago Description :The implementation of an internal and undocumented Dashboard API endpoint (POST /api/users/~/{user}/tokens) forgot to ensure an HTTP request for creating an API Token for another user had sufficient...