Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-z892-as8t-x7fg

Summary In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281.

Aliases

alias	CVE-2026-20448

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-20448

reference_id

reference_type

scores

value	5e-05
scoring_system	epss
scoring_elements	0.00243
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-20448

reference_url

https://corp.mediatek.com/product-security-bulletin/May-2026

reference_id

May-2026

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-04T12:57:17Z/

url

https://corp.mediatek.com/product-security-bulletin/May-2026

Weaknesses

cwe_id	280
name	Improper Handling of Insufficient Permissions or Privileges
description	The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.

Exploits

Severity_range_score 6.7 - 6.7

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z892-as8t-x7fg

Vulnerability Instance