PatchSiren

haiwen CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH haiwen CVE published 2026-06-25

CVE-2026-56768

CVE-2026-56768 is an authentication bypass vulnerability in Seahub's Share Link Zip Task View. The vulnerability exists because Seahub before version 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on the GET /api/v2.1/share-link-zip-task/ endpoint. This allows unauthenticated users to bypass authentication and obtain a fileserver zip token by providing a folder share-link token. With this token, attac [truncated]