LeakyCreds
NewInstant webhook alerts now available ā€” notified within seconds of any credential detection.Learn more ā†’
Home / Vulnerability Intelligence / CVE-2026-39432

CVE-2026-39432 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: May 12, 2026

Arraytics Timetics - Broken Access Control

Published: May 12, 2026Updated: May 12, 2026Remote Exploitable

Overview

Arraytics Timetics <= 1.0.53 contains a broken access control vulnerability caused by missing authorization checks, letting attackers exploit incorrect access control security levels, exploit requires no special privileges.

Severity & Score

Severity: High
CVSS Score: 8.2
EPSS Score: 3.0%(Probability of exploitation in next 30 days)

Impact

Attackers can bypass access controls to access or modify unauthorized data or functions.

Mitigation

Update to the latest version beyond 1.0.53.

References

Social Media Activity(4 posts)

TheHackerWire
TheHackerWire
@thehackerwire
May 12, 2026

šŸŸ  CVE-2026-39432 - High (8.2) Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53. šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-39432/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
OffSequence
OffSequence
@offseq
May 12, 2026

šŸ” HIGH severity: CVE-2026-39432 in Arraytics Timetics ā‰¤1.0.53 ā€” Missing authorization (CWE-862) enables potential data exposure. No patch available yet. Restrict access, monitor advisories. https://radar.offseq.com/threat/cve-2026-39432-cwe-862-missing-authorization-in-ar-e310bf2a #OffSeq #Cybersecurity #Vuln #CVE202639432

View original post
TheHackerWire
TheHackerWire
@thehackerwire
May 12, 2026

šŸŸ  CVE-2026-39432 - High (8.2) Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53. šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-39432/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
OffSequence
OffSequence
@offseq
May 12, 2026

šŸ” HIGH severity: CVE-2026-39432 in Arraytics Timetics ā‰¤1.0.53 ā€” Missing authorization (CWE-862) enables potential data exposure. No patch available yet. Restrict access, monitor advisories. https://radar.offseq.com/threat/cve-2026-39432-cwe-862-missing-authorization-in-ar-e310bf2a #OffSeq #Cybersecurity #Vuln #CVE202639432

View original post

Related Resources

Details

CVE ID
CVE-2026-39432
Severity
High
CVSS Score
8.2
Type
broken_access_control
Status
rejected
EPSS
3.0%
Social Posts
4

CWE

  • CWE-862

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS Score

3.0%Probability of exploitation in the next 30 days