CVE-2026-11500
CVE-2026-11500
A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of the component Static API Key Handler. The manipulation of the argu…
CVSS v3 metric
CVSS v3 base score 5.0 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L.
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-11500?
- CVE-2026-11500 is a medium-severity vulnerability, classified under Improper Authorization. CVSS score: 5.0/10. Published 2026-06-08.
- How severe is CVE-2026-11500?
- Medium severity. CVSS v3 base score is 5.0 out of 10.