CVE Catalog
CVE-2026-28374
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.20%
10th percentile - higher than 10% of all known CVEs
Summary
Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations.
Risk Assessment
The ability to delete annotations without proper permissions may lead to loss of important information and compromise data integrity.
Recommendation
It is recommended to review and adjust editor permissions to prevent unauthorized deletion of annotations.
Original NVD description (English source)
Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations.

