Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

authzed — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting authzed. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by authzed:spicedb
CVE IDTitleCVSSSeverityPublished
CVE-2026-40091 SpiceDB: SPICEDB_DATASTORE_CONN_URI is leaked on startup logs — spicedbCWE-532 6.0 Medium2026-04-14
CVE-2025-65111 SpiceDB's LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results — spicedbCWE-277 5.4 -2025-11-21
CVE-2025-64529 SpiceDB's WriteRelationships fails silently if payload is too big — spicedbCWE-770 8.1 -2025-11-10
CVE-2025-49011 SpiceDB checks involving relations with caveats can result in no permission when permission is expected — spicedbCWE-358 3.7 Low2025-06-06
CVE-2024-48909 SpiceDB calls to LookupResources using LookupResources2 with caveats may return context is missing when it is not — spicedbCWE-172 2.0 Low2024-10-14
CVE-2024-46989 Multiple caveats on resources of the same type can result in no permission when permission is expected — spicedbCWE-269 3.7 Low2024-09-18
CVE-2024-38361 Permissions processing error in spacedb — spicedbCWE-281 3.7 Low2024-06-20
CVE-2024-32001 SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used — spicedbCWE-755 2.2 Low2024-04-10
CVE-2024-27101 Integer overflow in chunking helper causes dispatching to miss elements or panic — spicedbCWE-190 7.3 High2024-03-01
CVE-2023-46255 `SPICEDB_DATASTORE_CONN_URI` is leaked when URI cannot be parsed — spicedbCWE-532 4.2 Medium2023-10-31
CVE-2023-35930 LookupResources may return partial results in spicedb — spicedbCWE-913 3.7 Low2023-06-26
CVE-2023-29193 SpiceDB binding metrics port to untrusted networks and can leak command-line flags — spicedbCWE-209 8.7 High2023-04-14
CVE-2022-21646 Lookup operations do not take into account wildcards in SpiceDB — spicedbCWE-155 8.1 High2022-01-11

This page lists every published CVE security advisory associated with authzed. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.