CVE-2026-46668

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 10, 2026

Vendor unknown

Description

SpiceDB is an open source database system for creating and managing security-critical application permissions. From version 1.15.0 to before version 1.52.0, caveat structures with nested lists can result in improper cache reuse. This issue has been patched in version 1.52.0.

References

https://github.com/authzed/spicedb/pull/3065
https://github.com/authzed/spicedb/releases/tag/v1.52.0
https://github.com/authzed/spicedb/security/advisories/GHSA-mqcf-gqvg-rmhm