Known Vulnerabilities for products from Runzero
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Runzero".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5384 json | An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope ha... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5383 json | An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5382 json | Not Provided | 2026-04-07 | 2026-04-07 | |
| CVE-2026-5381 json | Not Provided | 2026-04-07 | 2026-04-07 | |
| CVE-2026-5380 json | An issue that could allow an authorized user to view the clear-text secrets for a subset of credential types and fields has b... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5379 json | An issue that allowed MCP agents to access certificate information from outside of their authorized organization scope has be... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5378 json | An issue that allowed administrators to create and update users outside of their authorized organization scope has been resol... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5376 json | An issue that could prevent session inactivity timeouts from triggering due to automatic page reloading has been resolved. Th... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5375 json | An issue that could allow a user with access to a credential to view sensitive fields through an API response has been resolv... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5374 json | An issue that allowed MCP agents to access remediation and asset information from outside of the authorized organization scop... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5373 json | An issue that allowed all-organization administrators to promote accounts to superuser status has been resolved. This is an i... | Not Provided | 2026-04-07 | 2026-04-21 |
| CVE-2026-5372 json | An issue that allowed a SQL injection attack vector related to saved queries (introduced in version 4.0.260123.0). This is an... | Not Provided | 2026-04-07 | 2026-04-21 |