Access Control Flaw in OliveTin Web Interface
CVE-2026-32102

7.1HIGH

Key Information:

Vendor: Olivetin
Status: Olivetin
Vendor: CVE Published:; 11 March 2026

What is CVE-2026-32102?

OliveTin's web interface has a serious access control flaw that allows low-privileged users to view execution events and sensitive action outputs without proper authorization. This issue arises in versions 3000.10.2 and earlier, where the system fails to enforce per-action authorization, leading to potential exposure of sensitive data and security breaches. It is crucial for users to update to the latest version to mitigate these risks.

Affected Version(s)

OliveTin < 3000.10.2

References

https://github.com/OliveTin/OliveTin/security/advisories/...

x_refsource_CONFIRM

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2026
Vulnerability Reserved
Mar 10, 2026

CVE-2026-32102 Data

JSON

Olivetin

What is CVE-2026-32102?

Affected Version(s)

References

CVSS V4

Timeline