LOW
waooAI
CVE published 2026-07-13
CVE-2026-15594
A vulnerability was found in waooAI waoowaoo up to 0.4.1, impacting the function stablePublicIdFromStorageKey in the library src/lib/media/hash.ts of the component Media Handler. The manipulation of the argument storageKey results in improper authorization. The attack may be performed from remote and requires a high level of complexity. This vulnerability allows for improper authorization when the storage [truncated]