By vendor

Snipeitapp vulnerabilities

Known CVEs affecting Snipeitapp products, prioritized by severity, with SEC.co remediation and detection guidance.

1 published vulnerability

  • CVE-2026-48507HIGH 7.1

    Snipe-IT, a popular IT asset and license management system, has a privilege escalation flaw that lets low-privileged users with basic editing permissions lock all administrators out of the system. A user granted only the `users.edit` permission can disable admin accounts by toggling login flags and blocking password reset options, effectively taking control of the instance. The vulnerability affects all versions before 8.6.0 and is fixed in that release.