🚨 CVE-2026-0562 (HIGH, CVSS 8.3) in parisneo/lollms ≤2.2.0: Authenticated users can accept/reject others' friend requests via IDOR in /api/friends/requests/{friendship_id}. Upgrade to 2.2.0+ and audit API auth now! https://radar.offseq.com/threat/cve-2026-0562-cwe-863-incorrect-authorization-in-p-77e45474 #OffSeq #CVE20260562 #IDOR #AppSec