PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-55475 grokability CVE debrief

CVE-2026-55475 is a MEDIUM severity vulnerability in Snipe-IT's Importer API endpoint. Prior to version 8.6.1, a user with CSV import capabilities and a valid API key could overwrite the created_by value of an import file. This allowed unauthorized modification of import ownership metadata. The issue is fixed in version 8.6.1. Users of Snipe-IT asset/license management system should be aware of this vulnerability if they are using versions prior to 8.6.1 and have the Importer API endpoint exposed or used within their organization. The vulnerability has a CVSS score of 5.7 and a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N.

Vendor
grokability
Product
snipe-it
CVSS
MEDIUM 5.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-10
Original CVE updated
2026-07-10
Advisory published
2026-07-10
Advisory updated
2026-07-10

Who should care

Users of Snipe-IT asset/license management system should be aware of this vulnerability if they are using versions prior to 8.6.1 and have the Importer API endpoint exposed or used within their organization. Operators, platform administrators, vulnerability management teams, and security teams should review the vulnerability and apply the patch from version 8.6.1.

Technical summary

The Importer API endpoint in Snipe-IT, an IT asset/license management system, allowed a user with CSV import capabilities and a valid API key to overwrite the created_by value of an import file. This enabled unauthorized modification of import ownership metadata. The vulnerability is characterized by a CVSS score of 5.7 and a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N. It is classified under CWE-863. The vulnerability was fixed in version 8.6.1. Users should apply the patch and monitor for suspicious activity.

Defensive priority

Apply the patch from version 8.6.1 to prevent unauthorized modification of import ownership metadata. Restrict access to the Importer API endpoint and monitor for suspicious activity related to import files and ownership metadata.

Recommended defensive actions

  • Apply the patch from version 8.6.1
  • Restrict access to the Importer API endpoint
  • Monitor for suspicious activity related to import files and ownership metadata
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up

Evidence notes

Evidence is limited. Official CVE and NVD records confirm the vulnerability and its fix. Additional details from source references are needed for deeper understanding. The vulnerability allows unauthorized modification of import ownership metadata in Snipe-IT's Importer API endpoint. Users should verify their exposure and apply the patch from version 8.6.1. Limited source details are available, so defenders should focus on applying the patch and monitoring for suspicious activity.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T20:16:47.333Z and has not been modified since then.