CVE-2026-22660 - FlaskBB Logic Flaw Authorization Group Deletion via Bulk AJAX Endpoint
CVE ID :CVE-2026-22660 Published : July 10, 2026, 2:16 p.m. | 15 minutes ago Description :FlaskBB through 2.2.0, fixed in commit a5da9a5, contains a logic flaw vulnerability that allows authenticated administrators to delete all built-in authorization groups by exploiting a type mismatch in...