CVE-2026-61836

Directus · Directus

Directus is vulnerable to unauthorized information disclosure and authorization bypass due to improper handling of sensitive cached data and user-controlled keys.

Executive summary

Directus versions prior to 12.0.0 contain a critical vulnerability that allows unauthenticated attackers to bypass authorization controls and access sensitive cached information.

Vulnerability

This vulnerability involves the use of a cache containing sensitive information and an authorization bypass through user-controlled keys. The flaw is exploitable by unauthenticated remote attackers.

Business impact

The ability for an unauthenticated attacker to bypass authorization and access sensitive data poses a severe risk to organizational confidentiality. Because Directus manages SQL database content, this vulnerability could lead to the unauthorized exposure of proprietary business data, customer information, or administrative credentials. The CVSS score of 8.6 reflects the high potential for significant data compromise.

Remediation

Immediate Action: Upgrade to Directus version 12.0.0 or later immediately.

Proactive Monitoring: Review application logs for unusual access patterns or unauthorized API requests that deviate from established user behavior.

Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to detect and block suspicious requests targeting the API dashboard.

Exploitation status

Public Exploit Available: Unknown.

Analyst recommendation

Given the high severity of this vulnerability and the potential for unauthorized access to sensitive database content, administrators should prioritize patching immediately. Upgrading to version 12.0.0 is the only effective way to remediate the underlying authorization and cache-handling flaws.