CVE-2026-54329 - Snipe-IT: Cross-Tenant Accessory Injection in Snipe-IT API
CVE ID :CVE-2026-54329 Published : July 10, 2026, 7:17 p.m. | 1 hour, 15 minutes ago Description :Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the Accessories API create path mass-assigns request parameters to the Accessory model while company_id is mass assignable,...