CVE-2026-7681 — Jsbroks COCO Annotator Vulnerability
CVE-2026-7681 — A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.1. Affected by this vulnerability is an unknown functionality of the file backend/webserver/api/datasets.py of the component Dataset API. The manipulation of the argument DatasetId leads to authorization
What This Means For You
- If your environment is affected by CWE-285, CWE-639, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-7681 updates and patches.
Related ATT&CK Techniques
🛡️ Detection Rules
2 rules · 6 SIEM formats2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-7681 - Jsbroks COCO Annotator Dataset API Authorization Bypass
title: CVE-2026-7681 - Jsbroks COCO Annotator Dataset API Authorization Bypass
id: scw-2026-05-03-ai-1
status: experimental
level: critical
description: |
This rule detects attempts to exploit CVE-2026-7681 by targeting the Dataset API endpoint in jsbroks COCO Annotator. The vulnerability allows for an authorization bypass by manipulating the 'DatasetId' parameter in a POST request to '/api/datasets'. This detection specifically looks for POST requests to this endpoint with the 'DatasetId' parameter present in the query string, indicating a potential exploit attempt.
author: SCW Feed Engine (AI-generated)
date: 2026-05-03
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-7681/
tags:
- attack.initial_access
- attack.t1190
logsource:
category: webserver
detection:
selection:
cs-method:
- 'POST'
cs-uri:
- '/api/datasets'
cs-uri-query|contains:
- 'DatasetId='
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-7681 | vulnerability | CVE-2026-7681 |
| CWE-285 | weakness | CWE-285 |
| CWE-639 | weakness | CWE-639 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 03, 2026 at 09:15 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related coverage
Edimax BR-6208AC Buffer Overflow: Remote Exploit Public (CVE-2026-7685)
CVE-2026-7685 — A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of...
Edimax BR-6428nC Buffer Overflow (CVE-2026-7684) Exposed, High Severity
CVE-2026-7684 — A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation...
CVE-2026-7683 — An Unknown Function Of The File /Goform/SetWAN Of The Compon Command Injection
CVE-2026-7683 — A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component...