CVE-2026-22589 | Spree up to 4.10.1/5.0.6/5.1.8/5.2.4 authorization (GHSA-3ghg-3787-w2xr)

A vulnerability described as problematic has been identified in Spree up to 4.10.1/5.0.6/5.1.8/5.2.4. The impacted element is an unknown function. The manipulation results in authorization bypass.

This vulnerability is known as CVE-2026-22589. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More