PatchSiren

go-shiori CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH go-shiori CVE published 2026-07-13

CVE-2026-61463

CVE-2026-61463 is a high-severity vulnerability in Shiori that allows authenticated users to escalate privileges by modifying the owner field in the account update endpoint. This vulnerability has significant implications for users of Shiori, administrators of Shiori installations, and security teams responsible for vulnerability management. The vulnerability exists due to a lack of authorization checks i [truncated]