API allows deletion of users of other instance

Description

A vulnerability, which was classified as critical, has been found in pretix Venueless. This vulnerability affects unknown code of the component API. The manipulation leads to improper isolation or compartmentalization.

Affected Products

Vendor	Product	Versions
pretix	venueless	0.0.0

References

https://github.com/venueless/venueless/security/advisories/GHSA-gwjc-33fv-2gh4

Related News (1 articles)

Tier C

VulDB4h ago

CVE-2026-5599 | pretix Venueless API improper isolation or compartmentalization (02b9cbe5)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

02b9cbe5

CWECWE-653

PublishedApr 5, 2026

Last enriched3h agov2

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 3h ago

v2Tier C3h ago

Updated severity to CRITICAL, added a detailed description, and included CVE-2026-5599 as a new tag.

descriptionseveritytags

via VulDB

v14h ago

Initial creation

API allows deletion of users of other instance

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (3)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History