GHSA-65w6-pf7x-5g85: @delmaredigital/payload-puc is missing authorization on /api/puck/* CRUD endpoints, allowing unauthenticated access to Puck-registered collections
Summary
The @delmaredigital/payload-puc plugin had a critical authorization flaw: its `/api/puck/*` endpoints (the handlers that create, read, update, and delete data) bypassed Payload's collection access control checks, so anyone, without authentication, could read, modify, create, or delete documents in registered collections such as website pages. Only collections explicitly registered with the plugin were affected, not other Payload collections such as users or media.
Solution / Mitigation
Fixed in version 0.6.23. The endpoint handlers in `src/endpoints/index.ts` were updated to pass `overrideAccess: false` and forward the request object to Payload's local API, ensuring collection-level access rules are properly evaluated. As a temporary workaround if immediate upgrade is not possible, place a reverse-proxy or middleware authentication check in front of `/api/puck/*` to require an authenticated session before requests reach the plugin.
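The handler change described above, shown as an added example that is not the plugin's own code: the vulnerable read handler calls Payload's Local API with its default `overrideAccess: true`, while the hardened one passes `overrideAccess: false` and forwards `req` so the collection's access rules run against the caller's session. It assumes a collection slug `pages`, a minimal structural type for the parts of the Local API the handler uses, and an offline stand-in for `payload.findByID` that mirrors the documented default and applies one sample "authenticated users only" read rule.

```typescript
// Structural types for the slice of Payload's Local API and request object the
// handlers touch (an assumption; real code imports these from 'payload').
type FindByIdArgs = { collection: string; id: string; overrideAccess?: boolean; req?: PuckRequest }
type LocalApi = { findByID: (args: FindByIdArgs) => unknown }
type PuckRequest = {
  payload: LocalApi
  user?: { id: string } | null          // set by Payload when a session is present
  routeParams?: Record<string, string>
}
type Doc = { id: string; title: string }
type Result = Doc | { error: 'NotFound' | 'Forbidden' }

const COLLECTION = 'pages' // assumed slug of a Puck-registered collection

// Before the fix: the Local API defaults to overrideAccess = true, so the
// collection's access rules never run and an anonymous caller gets the document.
export function vulnerableRead(req: PuckRequest): Result {
  return req.payload.findByID({ collection: COLLECTION, id: req.routeParams?.id ?? '' }) as Result
}

// After the fix (0.6.23): enforce access control and forward the request so the
// rules can see who is asking (req.user).
export function fixedRead(req: PuckRequest): Result {
  return req.payload.findByID({
    collection: COLLECTION,
    id: req.routeParams?.id ?? '',
    overrideAccess: false,
    req,
  }) as Result
}

// Offline stand-in for payload.findByID (constructed for this example): applies
// the Local API default overrideAccess = true and one sample read rule that
// only allows authenticated users, the way a collection's `access.read` would.
export function makeStandInPayload(doc: Doc): LocalApi {
  const readAllowed = (req?: PuckRequest): boolean => Boolean(req?.user)
  return {
    findByID: ({ id, overrideAccess = true, req }: FindByIdArgs): Result => {
      if (id !== doc.id) return { error: 'NotFound' }
      if (!overrideAccess && !readAllowed(req)) return { error: 'Forbidden' }
      return doc
    },
  }
}

// Convenience: build a request for the stand-in with or without a session.
export function makeRequest(doc: Doc, user: { id: string } | null): PuckRequest {
  return { payload: makeStandInPayload(doc), user, routeParams: { id: doc.id } }
}
```

With a real Payload instance the same two handlers behave the same way: only the `overrideAccess: false` + `req` combination makes the collection's access rules decide.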
Vulnerability Details
EPSS: 0.0%
April 7, 2026
Original source: https://github.com/advisories/GHSA-65w6-pf7x-5g85
First tracked: April 8, 2026 at 02:01 AM