CVE-2026-0752: Insufficient Scanner Grouping Key
Data is being aggregated based purely on the `.scanner` property. This fails to differentiate by scan type, leading to business logic flaws where distinct scan reports clobber each other's vulnerabilities. Group by a composite key including both `.scanner` and `.scan_type` or `.report_type`.
Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0ruby
greprules fetch cve-2026-0752-insufficient-scanner-grouping-key --engine opengrepDescription
Data is being aggregated based purely on the `.scanner` property. This fails to differentiate by scan type, leading to business logic flaws where distinct scan reports clobber each other's vulnerabilities. Group by a composite key including both `.scanner` and `.scan_type` or `.report_type`.
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.