CVE-2026-35478 Blast Radius

HIGH • CVSS 8.3InvenTree is an Open Source Inventory Management System. From 0.16.0 to before 1.2.7, any authenticated InvenTree user can create a valid API token at

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-35478.

Start Free Scan →← Back to CVE-2026-35478