CVE-2026-61836
Directus · Directus
Directus is vulnerable to unauthorized information disclosure and authorization bypass due to improper handling of sensitive cached data and user-controlled keys.
Executive summary
Directus versions prior to 12.0.0 contain a critical vulnerability that allows unauthenticated attackers to bypass authorization controls and access sensitive cached information.
Vulnerability
This vulnerability involves the use of a cache containing sensitive information and an authorization bypass through user-controlled keys. The flaw is exploitable by unauthenticated remote attackers.
Business impact
The ability for an unauthenticated attacker to bypass authorization and access sensitive data poses a severe risk to organizational confidentiality. Because Directus manages SQL database content, this vulnerability could lead to the unauthorized exposure of proprietary business data, customer information, or administrative credentials. The CVSS score of 8.6 reflects the high potential for significant data compromise.
Remediation
Immediate Action: Upgrade to Directus version 12.0.0 or later immediately.
Proactive Monitoring: Review application logs for unusual access patterns or unauthorized API requests that deviate from established user behavior.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to detect and block suspicious requests targeting the API dashboard.
Exploitation status
Public Exploit Available: Unknown.
Analyst recommendation
Given the high severity of this vulnerability and the potential for unauthorized access to sensitive database content, administrators should prioritize patching immediately. Upgrading to version 12.0.0 is the only effective way to remediate the underlying authorization and cache-handling flaws.