CVE-2025-46331

Vulnerability Description

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.10 to v1.3.6 (Helm chart <= openfga-0.2.28, docker <= v.1.8.10) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. This issue has been patched in version 1.8.11.

Vulnerability Details

Published Date

April 30, 2025

Last Modified

December 31, 2025

Source

NVD

CVE-2025-46331

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment