authorization 9

• Authentication Bypass – Direct Dashboard Access | Pivot HR Jun 3, 2026
• Privilege Escalation – Client-Side Role Cookie Tampering | Session Swap May 29, 2026
• IDOR – Account Export Data Disclosure | Remittance May 26, 2026
• Workflow Access Control Bypass – Admin Privilege Escalation | Lazy Human Resources May 18, 2026
• GraphQL BOLA via Introspection & Insecure Resolver Access | Slate Quarry May 15, 2026
• Command Injection & Broken Function Level Authorization | NewsForge May 15, 2026
• IDOR in Order Access – Unauthorized Order Data Exposure | Hartwood May 11, 2026
• UUID-Based IDOR Through Member API | Apex May 9, 2026
• IDOR – Unauthorized Access to Borrower Records | Overdue May 1, 2026