CVE-2026-57954

MEDIUM 4.3

Elide 7.1.17 - Permission Bypass in Sort Expression Validation

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across all rows via both JSON:API and GraphQL read paths.

CWE	CWE-862
Vendor	yahoo
Product	elide
Published	Jun 29, 2026

Stay Ahead of the Next One

Get instant alerts for yahoo elide

Be the first to know when new medium vulnerabilities affecting yahoo elide are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected Versions

yahoo / elide

0 ≤ 7.1.17

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/yahoo/elide/issues/3415 vulncheck.com: https://www.vulncheck.com/advisories/elide-permission-bypass-in-sort-expression-validation

Credits

George Chen