CVE-2026-33146 | docmost up to 0.70.2 Public Search Endpoint /api/search/share-search improper authorization (GHSA-qq4c-8rjr-w42c)

A vulnerability classified as critical has been found in docmost up to 0.70.2. Affected by this vulnerability is an unknown functionality of the file /api/search/share-search of the component Public Search Endpoint. This manipulation causes improper authorization.

This vulnerability appears as CVE-2026-33146. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More