CVE-2026-11441 | theonedev up to 15.0.5 Pull Request /issues/ canAccessIssue issue improper authorization

A vulnerability categorized as critical has been discovered in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization.

This vulnerability is referenced as CVE-2026-11441. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More