๐Ÿ” CVE Alert

CVE-2026-5599

UNKNOWN 0.0

API allows deletion of users of other instance

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
13th

A user with API access and "manage users" permission in any venueless world is able to trigger deletion of user accounts in other worlds.

CWE CWE-653
Vendor pretix
Product venueless
Published Apr 5, 2026
Last Updated Apr 6, 2026
Stay Ahead of the Next One

Get instant alerts for pretix venueless

Be the first to know when new unknown vulnerabilities affecting pretix venueless are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

pretix / Venueless
0.0.0 < 02b9cbe5

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/venueless/venueless/security/advisories/GHSA-gwjc-33fv-2gh4

Credits

Pratik Karan