Auth bypass in OpenReplay
CVE-2026-45297
OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, there is a cross-tenant IDOR on feature-flag and assist-stats routes via {project_id} case mismatch. ProjectAuthorizer.__call__ (OSS api/auth/auth_project.py:14-38 and EE e…
EPSS: 0.000 (13.5th percentile)
Affected products
- OpenReplay — versions < 1.26.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)