{"id":"GO-2026-4806","summary":"Authorization bypasses in multiple APIs in go.etcd.io/etcd","details":"Authorization bypasses in multiple APIs in go.etcd.io/etcd","aliases":["BIT-etcd-2026-33413","CVE-2026-33413","GHSA-q8m4-xhhv-38mg"],"modified":"2026-04-10T08:29:30.962330364Z","published":"2026-04-07T14:58:41Z","related":["CGA-rvqf-799h-8h4h"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2026-4806"},"references":[{"type":"ADVISORY","url":"https://github.com/etcd-io/etcd/security/advisories/GHSA-q8m4-xhhv-38mg"}],"affected":[{"package":{"name":"go.etcd.io/etcd","ecosystem":"Go","purl":"pkg:golang/go.etcd.io/etcd"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-4806.json"}},{"package":{"name":"go.etcd.io/etcd/v3","ecosystem":"Go","purl":"pkg:golang/go.etcd.io/etcd/v3"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.4.42"},{"introduced":"3.5.0-alpha.0"},{"fixed":"3.5.28"},{"introduced":"3.6.0-alpha.0"},{"fixed":"3.6.9"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-4806.json"}}],"schema_version":"1.7.5"}