EUVD-2026-15687
GHSA-c33c-vr44-685c
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
3Description
Missing Authorization vulnerability in Özgür KARALAR Kargo Takip kargo-takip-turkiye allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kargo Takip: from n/a through < 0.2.4.
Analysis
Kargo Takip versions prior to 0.2.4 contain a missing authorization vulnerability that allows authenticated users to modify data or perform unauthorized actions due to improper access control enforcement. An attacker with valid credentials could exploit this weakness to manipulate shipment tracking information or other protected resources without proper privilege verification. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today