CVE-2026-42202
Received - Intake
Boolean Attribute Manipulation in Nova Toggle

Publication date: 2026-05-08

Last updated on: 2026-05-08

Assigner: GitHub, Inc.

Description
nova-toggle-5 enables flipping booleans in the index. Prior to version 1.3.0, the toggle endpoint (POST /nova-vendor/nova-toggle/toggle/{resource}/{resourceId}) was protected only by the web and auth:<guard> middleware. Any user authenticated on the configured guard could call the endpoint and flip boolean attributes on any Nova resource, including users who do not have access to Nova itself (for example, frontend customers sharing the web guard with the Nova admin area). The endpoint also accepted an arbitrary attribute parameter, which meant a valid caller could toggle any boolean column on the underlying model, not just the columns exposed as Toggle fields on the resource. This issue has been patched in version 1.3.0.
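As an added example, not code from nova-toggle-5 or from its 1.3.0 fix, here is how a toggle route built on Laravel Nova's resource API can close both gaps described above: it runs Nova's own access gate and per-record update policy before touching the model, and it accepts only attributes the resource declares as toggle fields. The `ToggleField` class name and the exact middleware stack are assumptions.

```php
<?php
// Added example (not code from nova-toggle-5 or its 1.3.0 fix): a toggle
// endpoint that adds the two checks the original route lacked, namely Nova's
// own authorization and an allow-list of toggleable attributes.
// ToggleField is a hypothetical field class standing in for the package's own.

use Illuminate\Support\Facades\Route;
use Laravel\Nova\Http\Middleware\Authorize;
use Laravel\Nova\Http\Requests\NovaRequest;
use Laravel\Nova\Nova;

// 'nova' + Authorize is Nova's tool-route convention: Authorize runs the
// viewNova gate, so web users who are not Nova users are rejected up front.
Route::middleware(['nova', Authorize::class])
    ->post('/nova-vendor/nova-toggle/toggle/{resource}/{resourceId}', function (
        NovaRequest $request, string $resource, string $resourceId
    ) {
        // Resolve the resource class from its URI key; unknown keys are a 404.
        $resourceClass = Nova::resourceForKey($resource);
        abort_if($resourceClass === null, 404);

        // Resource-level policy: may this user see this resource type at all?
        abort_unless($resourceClass::authorizedToViewAny($request), 403);

        // Load the record and wrap it in a resource instance.
        $model = $resourceClass::newModel()->findOrFail($resourceId);
        $novaResource = new $resourceClass($model);

        // Record-level policy: the same update check Nova's own update path enforces.
        abort_unless($novaResource->authorizedToUpdate($request), 403);

        // Allow-list: only attributes the resource declares as toggle fields
        // may be flipped, so arbitrary boolean columns are out of reach.
        $allowed = collect($novaResource->fields($request))
            ->filter(fn ($field) => $field instanceof ToggleField) // hypothetical class
            ->map(fn ($field) => $field->attribute)
            ->all();

        $attribute = (string) $request->input('attribute', '');
        abort_unless(in_array($attribute, $allowed, true), 422);

        // Flip and persist only after every check has passed.
        $model->{$attribute} = ! $model->{$attribute};
        $model->save();

        return response()->json([$attribute => (bool) $model->{$attribute}]);
    });
```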
Meta Information
Generated: 2026-06-19
AI Q&A: 2026-05-09
EPSS Evaluated: 2026-06-18
Affected Vendors & Products
Currently, no data is known.
CWE
CWE-285: The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Executive Summary

The vulnerability exists in nova-toggle-5 prior to version 1.3.0, where the toggle endpoint allowed any authenticated user on the configured guard to flip boolean attributes on any Nova resource. This included users who normally would not have access to Nova, such as frontend customers sharing the same web guard as the Nova admin area.

Additionally, the endpoint accepted an arbitrary attribute parameter, enabling a valid caller to toggle any boolean column on the underlying model, not just those exposed as Toggle fields on the resource. This could lead to unauthorized changes to data.

The issue was fixed in version 1.3.0.

Impact Analysis

This vulnerability allows users who are authenticated on the same guard, but who are not authorized to use Nova, to change boolean attributes on any Nova resource, altering data they should not be able to modify.

Because the endpoint accepts an arbitrary attribute parameter, an attacker could toggle boolean columns that control important features or states, leading to unauthorized modifications and potential misuse of the system.

The CVSS score of 6.5 indicates a medium severity impact, with high impact on integrity but no impact on confidentiality or availability.

Mitigation Strategies

The vulnerability has been patched in nova-toggle version 1.3.0. To mitigate it, upgrade nova-toggle to version 1.3.0 or later.
