CVE-2026-10863 — A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user — CVE Database · The Intelligence Room