What is CVE-2026-56773?

CVE-2026-56773 is a high-severity vulnerability in Teableio Teable, classified under Missing Authorization. CVSS score: 8.8/10. Published 2026-06-26.

How severe is CVE-2026-56773?

High severity. CVSS v3 base score is 8.8 out of 10.

Auth bypass in Teableio Teable

CVE-2026-56773

Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass authorization checks. Attackers can read table schemas, create tables, and modify or delete records across bases and t…

Vulnerability class: Broken Access Control

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Teableio Teable — versions 0

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

disclosure@vulncheck.com (issue-tracking)
disclosure@vulncheck.com (release-notes)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2026-56773?: CVE-2026-56773 is a high-severity vulnerability in Teableio Teable, classified under Missing Authorization. CVSS score: 8.8/10. Published 2026-06-26.
How severe is CVE-2026-56773?: High severity. CVSS v3 base score is 8.8 out of 10.