Case-Themes Booked CVE-2026-22341
MEDIUMSeverity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H
Lifecycle Timeline
3DescriptionCVE.org
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0.
AnalysisAI
Booked scheduling software versions 3.0.0 and earlier contain an authentication bypass flaw that allows authenticated users to abuse alternate authentication paths or channels to gain unauthorized access. An attacker with valid credentials could exploit this vulnerability to escalate privileges or access restricted functionality without proper authorization. No patch is currently available for affected installations.
Technical ContextAI
Affects Case-Themes Booked booked. Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0.
Affected ProductsAI
Product: Case-Themes Booked booked.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today