CVE-2026-44478 | hoppscotch up to 2026.3.0 /v1/onboarding/config access control (GHSA-7c8p-hj4p-3q3f)

A vulnerability was found in hoppscotch 2023.4.5/2023.12.6/2026.2.0/2026.2.1/2026.3.0 and classified as critical. The impacted element is an unknown function of the file /v1/onboarding/config. Executing a manipulation can lead to improper access controls.

This vulnerability is handled as CVE-2026-44478. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More