Zero Day MonitorZDM

← Back to list

4.4

CVE-2026-5383PATCHED

runzero · explorer

runZero Explorer missing authorization check

Description

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L (4.4 Medium). This issue was fixed in version 4.0.260208.0 of the runZero Explorer.

Affected Products

Vendor	Product	Versions
runzero	explorer	0

References

https://help.runzero.com/docs/release-notes/#402602080(release-notes)
https://www.runzero.com/advisories/runzero-explorer-cve-2026-5383/(vendor-advisory)

Related News (1 articles)

Tier C

VulDB7h ago

CVE-2026-5383 | runZero Explorer prior 4.0.260208.0 Organization authorization

→ No new info (linked only)

CVSS 3.14.4 MEDIUM

VectorCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L

CISA KEV❌ No

Actively exploited❌ No

Patch available

4.0.260208.0

CWECWE-863

PublishedApr 7, 2026

Last enriched6h agov2

Trending Score23

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-5376

runZero Platform session timeout failure

HIGHCVE-2026-5380

runZero Platform cleartext secret exposure

HIGHCVE-2026-5378

runZero Platform user creation leak

MEDIUMCVE-2026-5384

runZero Platform incorrect credential scope

MEDIUMCVE-2026-5382

runZero Platform MCP endpoint information leak

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 7, 2026

Discovered by ZDM

Apr 7, 2026

Updated: description, severity, affectedVersions

Apr 7, 2026

Patch Available

Apr 7, 2026

Version History

v2

Last enriched 6h ago

v2Tier C6h ago

Updated description with new details about the vulnerability and changed severity to HIGH.

descriptionseverityaffectedVersions

via VulDB

v17h ago

Initial creation