CVE-2026-6355 - Vulnerability Analysis

Overview

A web application contains a broken access control vulnerability caused by insecure direct object references, letting unauthorized users access and manipulate sensitive data across tenants, exploit requires no special privileges.

Severity & Score

Impact

Unauthorized users can access and modify sensitive tenant data, leading to data breaches and configuration changes.

Mitigation

Update to the latest version with proper access control checks.

References

• https://github.com/Penguinsecq/CVE-2026-6355/

Related Resources

• Vulnerability Intelligence Dashboard
• Credential Scanner