Known Vulnerabilities for Snipe-it by Grokability
Listed below are 10 of the newest known vulnerabilities associated with "Snipe-it" by "Grokability".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-55843 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.0, UsersController::update() passes a missing permission requ... | Not Provided | 2026-07-10 | 2026-07-13 |
| CVE-2026-55542 json | Snipe-IT is an IT asset/license management system. Prior to version 8.6.1, Snipe-IT S3 signature image retrieval lacks author... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-55516 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.2, PATCH or PUT /api/v1/maintenances/{maintenance_id} checks ... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-55515 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the unaccepted-assets report delete endpoint authorizes on... | Not Provided | 2026-07-10 | 2026-07-13 |
| CVE-2026-55481 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.2, default.blade.php renders header_color and related brandin... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-55479 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the legacy single-seat license checkin flow authorizes the... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-55478 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/{kit_id}/licenses checks whether the cal... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-55476 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.0, POST /account/request/{itemType}/{itemId}/{cancel_by_admin... | Not Provided | 2026-07-10 | 2026-07-13 |
| CVE-2026-55475 json | Snipe-IT is an IT asset/license management system. Prior to 8.6.1, the Importer API endpoint allows a user with CSV import ca... | Not Provided | 2026-07-10 | 2026-07-13 |
| CVE-2026-55474 json | Snipe-IT is an IT asset/license management system. Prior to 8.5.0, ActionlogController::displaySig concatenates the route fil... | Not Provided | 2026-07-10 | 2026-07-10 |