CVE-2026-16208 is a low-severity vulnerability in django-tastypie up to 0.15.1. A race condition exists in the CacheThrottle/CacheDBThrottle function. The attack may be initiated remotely with high complexity and difficult exploitability. Users of django-tastypie should assess the impact of this vulnerability and apply patches or updates as soon as available.
CVE-2026-16207 is a vulnerability in django-tastypie up to 0.15.1, impacting the ApiKeyAuthentication function in tastypie/authentication.py. The vulnerability involves the use of the GET request method with sensitive query strings, allowing for remote exploitation with high complexity and difficult exploitability. The project was informed early through an issue report but has not responded yet with a fix [truncated]