CVE-2026-41649

Published: Apr 29, 2026 Last Modified: Mag 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,7

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: none

Availability: none

Description

AI Translation Available

Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both `collectionId` and `documentId` are provided in the request, the authorization logic only checks access to the collection, completely ignoring the document. This allows an authenticated attacker to generate a valid public share link for any document on the platform, including documents belonging to other workspaces. The full document contents can then be retrieved via the `documents.info` endpoint. Version 1.7.0 contains a patch.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0003

Percentile

0,1th

Updated

EPSS Score Trend (Last 2 Days)

639

Authorization Bypass Through User-Controlled Key

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism Gain Privileges Or Assume Identity

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: High

View CWE Details

Application

Outline by Getoutline

Product Information

Vendor Getoutline

Product Outline

Version Range Affected

From 0.86.0 (inclusive)

To 1.7.0 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:getoutline:outline:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://github.com/outline/outline/security/advisories/GHSA…

https://github.com/outline/outline/security/advisories/GHSA-23jj-rp48-w7q7

https://github.com/outline/outline/commit/1b91a295e10f58a10…

https://github.com/outline/outline/commit/1b91a295e10f58a1088c54f533773788325ff…

https://github.com/outline/outline/releases/tag/v1.7.0

https://github.com/outline/outline/security/advisories/GHSA…

https://github.com/outline/outline/security/advisories/GHSA-23jj-rp48-w7q7

CVE-2026-41649

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Authorization Bypass Through User-Controlled Key

Common Consequences

Applicable Platforms

Outline by Getoutline

Product Information

Iscriviti alla newsletter