CVE-2026-46668
Description
SpiceDB is an open source database system for creating and managing security-critical application permissions. From version 1.15.0 to before version 1.52.0, caveat structures with nested lists can result in improper cache reuse. This issue has been patched in version 1.52.0.
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2026-46668? +
How do I check if I'm vulnerable to CVE-2026-46668? +
Related Vulnerabilities
NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/pages/forum/get_quotes.php` only checks whether the caller is logged in, then …
Insecure Direct Object References (IDOR) in access control in Customer Portal before 2.1.4 on NightWolf Penetration Testing allows an attacker …
Insecure Direct Object References (IDOR) in access control in Tracking 2.1.4 on NightWolf Penetration Testing allows an attacker to access …
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a …
An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate …
XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Starting in version 2.17.1 and prior to version …