Authorization Bypass Vulnerability in Velocidex Velociraptor Software
CVE-2026-7573

5MEDIUM

Key Information:

Vendor: Velocidex
Status: Velociraptor
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-7573?

An authorization bypass vulnerability in the GetUserRoles gRPC API endpoint of Velocidex Velociraptor prior to version 0.76.5 permits any authenticated low-privilege user to access comprehensive ACL policies, including roles and permissions for any user across all organizations. This is achieved by supplying specific Name and Org parameters in a network request, allowing potential exposure of sensitive permission data.

Affected Version(s)

velociraptor 0 < 0.76.5

References

https://docs.velociraptor.app/announcements/advisories/cv...

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

Credit

michaelddickenson

CVE-2026-7573 Data

JSON