CVE-2026-31863

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-31863

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31863.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-31863

Aliases

Downstream

SUSE-SU-2026:1042-1

Related

SUSE-SU-2026:1042-1

Published

2026-03-11T17:43:08.106Z

Modified

2026-04-10T05:43:03.313505Z

Severity

3.6 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

Improper Restriction of Excessive Authentication Attempts in github.com/anyproto/anytype-heart

Details

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-307"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31863.json"
}

References

Affected packages

Git / github.com/anyproto/anytype-heart

Affected ranges

Type: GIT
Repo: https://github.com/anyproto/anytype-heart
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

20aa20917271b1298baef683b422564597648e1f

Affected versions

v0.*

v0.26.3

v0.26.4

v0.26.5

v0.26.6

v0.27.0

v0.27.1

v0.27.10

v0.27.11

v0.27.12

v0.27.13

v0.27.14

v0.27.16

v0.27.17

v0.27.18

v0.27.19

v0.27.2

v0.27.20

v0.27.3

v0.27.4

v0.27.5

v0.27.6

v0.27.7

v0.27.8

v0.27.9

v0.28.0

v0.28.0-alpha6

v0.28.1

v0.28.2

v0.28.3

v0.28.4

v0.29.0

v0.29.0-alpha

v0.29.1

v0.29.10

v0.29.11

v0.29.12

v0.29.2

v0.29.3

v0.29.4

v0.29.5

v0.29.6

v0.29.7

v0.29.8

v0.29.9

v0.30.0

v0.30.0-rc1

v0.30.0-rc2

v0.30.0-rc3

v0.30.0-rc4

v0.30.0-rc5

v0.30.0-rc6

v0.30.0-rc7

v0.30.0-rc8

v0.30.1

v0.30.2

v0.30.3

v0.30.5

v0.30.6

v0.30.7

v0.30.8

v0.30.9

v0.31.0

v0.31.1

v0.31.3

v0.31.4

v0.31.5

v0.32.0

v0.32.0-rc1

v0.32.0-rc10

v0.32.0-rc11

v0.32.0-rc2

v0.32.0-rc3

v0.32.0-rc4

v0.32.0-rc5

v0.32.0-rc6

v0.32.0-rc7

v0.32.0-rc8

v0.32.0-rc9

v0.32.1

v0.32.2

v0.33.0

v0.33.0-rc1

v0.33.0-rc10

v0.33.0-rc11

v0.33.0-rc12

v0.33.0-rc13

v0.33.0-rc14

v0.33.0-rc15

v0.33.0-rc16

v0.33.0-rc17

v0.33.0-rc18

v0.33.0-rc19

v0.33.0-rc2

v0.33.0-rc20

v0.33.0-rc21

v0.33.0-rc22

v0.33.0-rc3

v0.33.0-rc4

v0.33.0-rc5

v0.33.0-rc6

v0.33.0-rc7

v0.33.0-rc8

v0.33.0-rc9

v0.33.1

v0.33.2

v0.34.0

v0.34.0-rc1

v0.34.0-rc2

v0.34.0-rc3

v0.34.0-rc4

v0.34.0-rc5

v0.34.0-rc6

v0.34.0-rc7

v0.34.0-rc8

v0.34.0-rc9

v0.34.1

v0.34.2

v0.34.3

v0.35.0-rc1

v0.35.0-rc10

v0.35.0-rc11

v0.35.0-rc2

v0.35.0-rc3

v0.35.0-rc6

v0.35.0-rc7

v0.35.0-rc8

v0.35.0-rc9

v0.36.0

v0.36.0-rc1

v0.36.0-rc2

v0.36.0-rc3

v0.36.0-rc4

v0.36.0-rc5

v0.36.0-rc6

v0.36.0-rc7

v0.36.0-rc8

v0.36.0-rc9

v0.36.1

v0.36.2

v0.36.3

v0.36.4

v0.36.5

v0.36.5-alpha1

v0.36.5-alpha2

v0.37.0

v0.37.0-alpha01

v0.37.0-alpha02

v0.37.0-alpha03

v0.37.0-alpha04

v0.37.0-alpha05

v0.37.1

v0.37.3

v0.37.4

v0.38.0

v0.38.1

v0.38.2

v0.38.3

v0.38.4

v0.38.5

v0.38.6

v0.38.7

v0.38.8

v0.39.0-rc02

v0.39.0-rc03

v0.39.0-rc04

v0.39.0-rc05

v0.39.0-rc06

v0.39.0-rc07

v0.39.0-rc08

v0.39.0-rc09

v0.39.0-rc1

v0.39.1

v0.39.10

v0.39.2

v0.39.3

v0.39.4

v0.39.5

v0.39.6

v0.39.7

v0.39.8

v0.39.9

v0.40.0

v0.40.0-alpha01

v0.40.0-alpha02

v0.40.0-rc1

v0.40.0-rc10

v0.40.0-rc11

v0.40.0-rc2

v0.40.0-rc3

v0.40.0-rc4

v0.40.0-rc5

v0.40.0-rc6

v0.40.0-rc7

v0.40.0-rc8

v0.40.0-rc9

v0.40.1

v0.40.11

v0.40.12

v0.40.13

v0.40.14

v0.40.15

v0.40.16

v0.40.17

v0.40.18

v0.40.19

v0.40.2

v0.40.3

v0.40.4

v0.40.5

v0.40.6

v0.40.7

v0.40.8

v0.40.9

v0.41.0-alpha

v0.41.0-rc

v0.41.0-rc1

v0.41.0-rc10

v0.41.0-rc11

v0.41.0-rc12

v0.41.0-rc13

v0.41.0-rc14

v0.41.0-rc15

v0.41.0-rc16

v0.41.0-rc17

v0.41.0-rc18

v0.41.0-rc19

v0.41.0-rc2

v0.41.0-rc20

v0.41.0-rc21

v0.41.0-rc22

v0.41.0-rc3

v0.41.0-rc4

v0.41.0-rc5

v0.41.0-rc6

v0.41.0-rc7

v0.41.0-rc8

v0.41.0-rc9

v0.42.0

v0.42.0-rc1

v0.42.0-rc10

v0.42.0-rc11

v0.42.0-rc12

v0.42.0-rc13

v0.42.0-rc14

v0.42.0-rc15

v0.42.0-rc16

v0.42.0-rc17

v0.42.0-rc18

v0.42.0-rc19

v0.42.0-rc2

v0.42.0-rc20

v0.42.0-rc21

v0.42.0-rc22

v0.42.0-rc23

v0.42.0-rc24

v0.42.0-rc25

v0.42.0-rc26

v0.42.0-rc27

v0.42.0-rc28

v0.42.0-rc29

v0.42.0-rc3

v0.42.0-rc30

v0.42.0-rc31

v0.42.0-rc4

v0.42.0-rc5

v0.42.0-rc6

v0.42.0-rc7

v0.42.0-rc8

v0.42.0-rc9

v0.42.4-nightly-20250820161650

v0.43.0-rc01

v0.43.0-rc02

v0.44.0-nightly-20250821085427

v0.44.0-nightly-20250821173658

v0.44.0-nightly-20250821202312

v0.44.0-nightly-20250821212538

v0.44.0-nightly-20250821213943

v0.44.0-nightly-20250825150218

v0.44.0-nightly-20250825175002

v0.44.0-nightly-20250825183418

v0.44.0-nightly-20250825222411

v0.44.0-nightly-20250825225011

v0.44.0-nightly-20250826025138

v0.44.0-nightly.20250826.1

v0.44.0-nightly.20250830.1

v0.44.0-nightly.20250901.1

v0.44.0-nightly.20250902.1

v0.44.0-nightly.20250903.1

v0.44.0-nightly.20250905.1

v0.44.0-nightly.20250906.1

v0.44.0-nightly.20250909.1

v0.44.0-nightly.20250910.1

v0.44.0-nightly.20250910.2

v0.44.0-nightly.20250911.1

v0.44.0-nightly.20250911.2

v0.44.0-nightly.20250913.1

v0.44.0-nightly.20250917.1

v0.44.0-nightly.20250918.1

v0.44.0-nightly.20250919.1

v0.44.0-nightly.20250920.1

v0.44.0-nightly.20250924.1

v0.44.0-nightly.20250925.1

v0.44.0-nightly.20250927.1

v0.44.0-nightly.20250930.1

v0.44.0-nightly.20251001.1

v0.44.0-nightly.20251002.1

v0.44.0-nightly.20251003.1

v0.44.0-nightly.20251004.1

v0.44.0-nightly.20251007.1

v0.44.0-nightly.20251008.1

v0.44.0-nightly.20251009.1

v0.44.0-nightly.20251010.1

v0.44.0-nightly.20251013.1

v0.44.0-nightly.20251015.1

v0.44.0-nightly.20251016.1

v0.44.0-nightly.20251018.1

v0.44.0-nightly.20251022.1

v0.44.0-nightly.20251022.2

v0.44.0-nightly.20251024.1

v0.44.0-nightly.20251025.1

v0.44.0-nightly.20251030.1

v0.44.0-nightly.20251103.1

v0.44.0-nightly.20251104.1

v0.44.0-nightly.20251105.1

v0.44.0-nightly.20251106.1

v0.44.0-nightly.20251108.1

v0.44.0-nightly.20251111.1

v0.44.0-nightly.20251114.1

v0.44.0-nightly.20251115.1

v0.44.0-nightly.20251119.1

v0.44.0-nightly.20251120.1

v0.44.0-nightly.20251121.1

v0.44.0-nightly.20251124.1

v0.44.0-nightly.20251126.1

v0.44.0-nightly.20251202.1

v0.44.0-nightly.20251203.1

v0.44.0-nightly.20251204.1

v0.44.0-nightly.20251205.1

v0.44.0-nightly.20251206.1

v0.44.0-nightly.20251209.1

v0.44.0-nightly.20251211.1

v0.44.0-nightly.20251212.1

v0.44.0-nightly.20251213.1

v0.44.0-nightly.20251216.1

v0.44.0-nightly.20251217.1

v0.44.0-nightly.20251218.1

v0.44.0-nightly.20251219.1

v0.44.0-nightly.20251220.1

v0.44.0-nightly.20251225.1

v0.44.0-nightly.20260121.1

v0.44.0-nightly.20260121.2

v0.44.0-nightly.20260123.1

v0.44.0-nightly.20260127.1

v0.44.0-nightly.20260128.1

v0.44.0-nightly.20260129.1

v0.44.0-nightly.20260130.1

v0.44.0-nightly.20260131.1

v0.44.0-nightly.20260203.1

v0.44.0-nightly.20260204.1

v0.44.0-nightly.20260205.1

v0.44.0-nightly.20260209.1

v0.44.0-nightly.20260211.1

v0.44.0-nightly.20260212.1

v0.44.0-nightly.20260213.1

v0.44.0-nightly.20260214.1

v0.44.0-nightly.20260217.1

v0.44.0-rc01

v0.44.0-rc02

v0.44.0-rc03

v0.44.0-rc04

v0.44.0-rc05

v0.44.0-rc06

v0.44.0-rc07

v0.44.0-rc08

v0.44.0-rc09

v0.44.0-rc10

v0.44.1

v0.45.0

v0.45.0-rc01

v0.45.0-rc02

v0.45.0-rc03

v0.45.1

v0.45.3

v0.45.4

v0.45.5

v0.46.0

v0.46.0-rc01

v0.46.0-rc02

v0.46.0-rc03

v0.46.0-rc04

v0.46.0-rc05

v0.46.1

v0.46.2

v0.46.3

v0.47.0

v0.47.1

v0.48.0

v0.48.0-rc01

v0.48.0-rc02

v0.48.0-rc03

v0.48.0-rc04

v0.48.0-rc05

v0.48.0-rc06

v0.48.0-rc07

v0.48.1

v0.48.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31863.json"