CVE-2026-55881: OpenReplay is a self-hosted session replay suite. From 1.22.0 before 1.27.0, getFirstMob returned 15-second presigned S3 download URLs for a session's DOM-replay recording based so
OpenReplay is a self-hosted session replay suite. From 1.22.0 before 1.27.0, getFirstMob returned 15-second presigned S3 download URLs for a session's DOM-replay recording based solely on the session path parameter, while validateProjectAccess checked only that the project belonged to the requester's tenant and did not verify that the session belonged to that project, allowing any authenticated low-privilege user to read another tenant's first 15 seconds of session-replay recording data. This issue is fixed in version 1.27.0.
Details
Original advisory: https://nvd.nist.gov/vuln/detail/CVE-2026-55881
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-55881 | coverage & exploitation status | NVD · CVE.org |
Recent advisories for OpenReplay is a
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- mediumCVE-2026-57230: OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and anal…nvd · 2026-07-10
- highCVE-2026-55880: OpenReplay is a self-hosted session replay suite. In 1.27.0 and earlier, three dashboard and n…nvd · 2026-07-10
- criticalCVE-2026-55879: OpenReplay is a self-hosted session replay suite. From 1.24.0 before 1.25.0, the OpenReplay tr…nvd · 2026-07-10
More from NVD Recent CVEs
- unknownCVE-2026-57828: The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload t…2026-07-11
- unknownCVE-2026-57827: The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload that al…2026-07-11
- highCVE-2026-1359: The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized m…2026-07-11
- highCVE-2026-9282: The W3 Total Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up…2026-07-11
- mediumCVE-2026-9017: The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to autho…2026-07-11