Auth bypass in Phenixdigital Phoenix_storybook
CVE-2026-47068
Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenix_storybook allows cross-session PubSub topic injection via a URL query parameter. 'Elixir.PhoenixStorybook.Story.ComponentIframeLive':handle_params/3 i…
Vulnerability class: IDOR (Insecure Direct Object Reference)
EPSS: 0.001 (17.2th percentile)
Affected products
- Phenixdigital Phoenix_storybook — versions 0.4.0, 8c2c97b0f505780fee4069988bf86736f51d35d7