CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-7573

An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy (roles and permissions) for any user across all organizations by supplying targeted Name and Org parameters via a network request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.1%

CVSS Severity

CVSS v3 Score 5.0

References

https://docs.velociraptor.app/announcements/advisories/cve-2026-7573/

Products affected by CVE-2026-7573

Rapid7 » Velociraptor » Version: N/A

cpe:2.3:a:rapid7:velociraptor:-
Rapid7 » Velociraptor » Version: 0.1

cpe:2.3:a:rapid7:velociraptor:0.1
Rapid7 » Velociraptor » Version: 0.2.1

cpe:2.3:a:rapid7:velociraptor:0.2.1
Rapid7 » Velociraptor » Version: 0.2.2

cpe:2.3:a:rapid7:velociraptor:0.2.2
Rapid7 » Velociraptor » Version: 0.2.3

cpe:2.3:a:rapid7:velociraptor:0.2.3
Rapid7 » Velociraptor » Version: 0.2.4

cpe:2.3:a:rapid7:velociraptor:0.2.4
Rapid7 » Velociraptor » Version: 0.2.5

cpe:2.3:a:rapid7:velociraptor:0.2.5
Rapid7 » Velociraptor » Version: 0.2.6

cpe:2.3:a:rapid7:velociraptor:0.2.6
Rapid7 » Velociraptor » Version: 0.2.7

cpe:2.3:a:rapid7:velociraptor:0.2.7
Rapid7 » Velociraptor » Version: 0.2.8

cpe:2.3:a:rapid7:velociraptor:0.2.8
Rapid7 » Velociraptor » Version: 0.2.9

cpe:2.3:a:rapid7:velociraptor:0.2.9
Rapid7 » Velociraptor » Version: 0.3.0

cpe:2.3:a:rapid7:velociraptor:0.3.0
Rapid7 » Velociraptor » Version: 0.3.1

cpe:2.3:a:rapid7:velociraptor:0.3.1
Rapid7 » Velociraptor » Version: 0.3.2

cpe:2.3:a:rapid7:velociraptor:0.3.2
Rapid7 » Velociraptor » Version: 0.3.3

cpe:2.3:a:rapid7:velociraptor:0.3.3
Rapid7 » Velociraptor » Version: 0.3.4

cpe:2.3:a:rapid7:velociraptor:0.3.4
Rapid7 » Velociraptor » Version: 0.3.5

cpe:2.3:a:rapid7:velociraptor:0.3.5
Rapid7 » Velociraptor » Version: 0.3.6

cpe:2.3:a:rapid7:velociraptor:0.3.6
Rapid7 » Velociraptor » Version: 0.3.7

cpe:2.3:a:rapid7:velociraptor:0.3.7
Rapid7 » Velociraptor » Version: 0.3.8

cpe:2.3:a:rapid7:velociraptor:0.3.8
Rapid7 » Velociraptor » Version: 0.3.9

cpe:2.3:a:rapid7:velociraptor:0.3.9
Rapid7 » Velociraptor » Version: 0.4.0

cpe:2.3:a:rapid7:velociraptor:0.4.0
Rapid7 » Velociraptor » Version: 0.4.1

cpe:2.3:a:rapid7:velociraptor:0.4.1
Rapid7 » Velociraptor » Version: 0.4.2

cpe:2.3:a:rapid7:velociraptor:0.4.2
Rapid7 » Velociraptor » Version: 0.4.3

cpe:2.3:a:rapid7:velociraptor:0.4.3
Rapid7 » Velociraptor » Version: 0.4.4

cpe:2.3:a:rapid7:velociraptor:0.4.4
Rapid7 » Velociraptor » Version: 0.4.5

cpe:2.3:a:rapid7:velociraptor:0.4.5
Rapid7 » Velociraptor » Version: 0.4.6

cpe:2.3:a:rapid7:velociraptor:0.4.6
Rapid7 » Velociraptor » Version: 0.4.7

cpe:2.3:a:rapid7:velociraptor:0.4.7
Rapid7 » Velociraptor » Version: 0.4.8

cpe:2.3:a:rapid7:velociraptor:0.4.8
Rapid7 » Velociraptor » Version: 0.4.9

cpe:2.3:a:rapid7:velociraptor:0.4.9
Rapid7 » Velociraptor » Version: 0.5.0

cpe:2.3:a:rapid7:velociraptor:0.5.0
Rapid7 » Velociraptor » Version: 0.5.1

cpe:2.3:a:rapid7:velociraptor:0.5.1
Rapid7 » Velociraptor » Version: 0.5.2

cpe:2.3:a:rapid7:velociraptor:0.5.2
Rapid7 » Velociraptor » Version: 0.5.3

cpe:2.3:a:rapid7:velociraptor:0.5.3
Rapid7 » Velociraptor » Version: 0.5.4

cpe:2.3:a:rapid7:velociraptor:0.5.4
Rapid7 » Velociraptor » Version: 0.5.5

cpe:2.3:a:rapid7:velociraptor:0.5.5
Rapid7 » Velociraptor » Version: 0.5.5-1

cpe:2.3:a:rapid7:velociraptor:0.5.5-1
Rapid7 » Velociraptor » Version: 0.5.6

cpe:2.3:a:rapid7:velociraptor:0.5.6
Rapid7 » Velociraptor » Version: 0.5.7

cpe:2.3:a:rapid7:velociraptor:0.5.7
Rapid7 » Velociraptor » Version: 0.5.8

cpe:2.3:a:rapid7:velociraptor:0.5.8
Rapid7 » Velociraptor » Version: 0.5.9

cpe:2.3:a:rapid7:velociraptor:0.5.9
Rapid7 » Velociraptor » Version: 0.6.0

cpe:2.3:a:rapid7:velociraptor:0.6.0
Rapid7 » Velociraptor » Version: 0.6.5-2

cpe:2.3:a:rapid7:velociraptor:0.6.5-2
Rapid7 » Velociraptor » Version: 0.6.6

cpe:2.3:a:rapid7:velociraptor:0.6.6
Rapid7 » Velociraptor » Version: 0.6.6-1

cpe:2.3:a:rapid7:velociraptor:0.6.6-1
Rapid7 » Velociraptor » Version: 0.6.7

cpe:2.3:a:rapid7:velociraptor:0.6.7
Rapid7 » Velociraptor » Version: 0.6.7-1

cpe:2.3:a:rapid7:velociraptor:0.6.7-1
Rapid7 » Velociraptor » Version: 0.6.7-3

cpe:2.3:a:rapid7:velociraptor:0.6.7-3
Rapid7 » Velociraptor » Version: 0.6.7-4

cpe:2.3:a:rapid7:velociraptor:0.6.7-4
Rapid7 » Velociraptor » Version: 0.6.7-5

cpe:2.3:a:rapid7:velociraptor:0.6.7-5
Rapid7 » Velociraptor » Version: 0.6.8

cpe:2.3:a:rapid7:velociraptor:0.6.8
Rapid7 » Velociraptor » Version: 0.6.9

cpe:2.3:a:rapid7:velociraptor:0.6.9
Rapid7 » Velociraptor » Version: 0.6.9-1

cpe:2.3:a:rapid7:velociraptor:0.6.9-1
Rapid7 » Velociraptor » Version: 0.7.0

cpe:2.3:a:rapid7:velociraptor:0.7.0
Rapid7 » Velociraptor » Version: 0.7.0-3

cpe:2.3:a:rapid7:velociraptor:0.7.0-3
Rapid7 » Velociraptor » Version: 0.7.1

cpe:2.3:a:rapid7:velociraptor:0.7.1
Rapid7 » Velociraptor » Version: 0.72

cpe:2.3:a:rapid7:velociraptor:0.72
Rapid7 » Velociraptor » Version: 0.73

cpe:2.3:a:rapid7:velociraptor:0.73
Rapid7 » Velociraptor » Version: 0.74

cpe:2.3:a:rapid7:velociraptor:0.74
Rapid7 » Velociraptor » Version: 0.74.1

cpe:2.3:a:rapid7:velociraptor:0.74.1
Rapid7 » Velociraptor » Version: 0.74.2

cpe:2.3:a:rapid7:velociraptor:0.74.2
Rapid7 » Velociraptor » Version: 0.74.3

cpe:2.3:a:rapid7:velociraptor:0.74.3
Rapid7 » Velociraptor » Version: 0.74.4

cpe:2.3:a:rapid7:velociraptor:0.74.4
Rapid7 » Velociraptor » Version: 0.74.5

cpe:2.3:a:rapid7:velociraptor:0.74.5
Rapid7 » Velociraptor » Version: 0.75

cpe:2.3:a:rapid7:velociraptor:0.75
Rapid7 » Velociraptor » Version: 0.75.1

cpe:2.3:a:rapid7:velociraptor:0.75.1
Rapid7 » Velociraptor » Version: 0.75.2

cpe:2.3:a:rapid7:velociraptor:0.75.2
Rapid7 » Velociraptor » Version: 0.75.5

cpe:2.3:a:rapid7:velociraptor:0.75.5
Rapid7 » Velociraptor » Version: 0.75.6

cpe:2.3:a:rapid7:velociraptor:0.75.6
Rapid7 » Velociraptor » Version: 0.75.7

cpe:2.3:a:rapid7:velociraptor:0.75.7
Rapid7 » Velociraptor » Version: 0.76

cpe:2.3:a:rapid7:velociraptor:0.76
Rapid7 » Velociraptor » Version: 0.76.1

cpe:2.3:a:rapid7:velociraptor:0.76.1
Rapid7 » Velociraptor » Version: 0.76.2

cpe:2.3:a:rapid7:velociraptor:0.76.2
Rapid7 » Velociraptor » Version: 0.76.4

cpe:2.3:a:rapid7:velociraptor:0.76.4
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-7573

Products

Pricing

Contact Us