CVE-2026-55670
概要

ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original organization and exposed to that organization's administrator. This issue is fixed in version 4.15.2.

公表日 2026年7月11日3:16
登録日 2026年7月11日4:16
最終更新日 2026年7月11日3:56
関連情報、対策とツール
共通脆弱性一覧