CVE-2026-40600 | Chartbrew 4.9.0 policy_id authorization (GHSA-pq8h-2h99-39xm)

April 30, 2026 Yanac

A vulnerability was found in Chartbrew 4.9.0. It has been rated as critical. The impacted element is an unknown function. This manipulation of the argument policy_id causes authorization bypass.

This vulnerability is tracked as CVE-2026-40600. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2026-40603 | Chartbrew 4.9.0 access control (GHSA-6qr3-g75h-xm3f)
CVE-2026-40595 | Chartbrew 4.9.0 Public Chart Retrieval access control (GHSA-mq7q-6xh6-5649)