Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:LSnipeitapp Snipe It
APPSnipeitapp5.3.10< 5.3.10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2026-37709CRITICAL9.8PL ✓ten sam produkt
RCE w Snipe-IT — Insecure Permissions w API uploadu plików
CVE-2025-63601CRITICAL9.9PL ✓ten sam produkt
RCE w Snipe-IT via złośliwy plik backup (CVE-2025-63601)
CVE-2026-48507HIGH7.1ten sam produkt
Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-adm...
CVE-2026-44832HIGH8.7ten sam produkt
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, aAn authenticated user with only users.edit...
CVE-2025-15602HIGH8.7ten sam produkt
Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insu...