HIGH
haiwen
CVE published 2026-06-25
CVE-2026-56768
CVE-2026-56768 is an authentication bypass vulnerability in Seahub's Share Link Zip Task View. The vulnerability exists because Seahub before version 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on the GET /api/v2.1/share-link-zip-task/ endpoint. This allows unauthenticated users to bypass authentication and obtain a fileserver zip token by providing a folder share-link token. With this token, attac [truncated]