Augmentt CVE-2026-6355

EUVD ID: EUVD-2026-24748 · Severity: MEDIUM
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-04-22 · certcc
CVSS 3.1 (NVD): 6.5

Severity by source

NVD (primary): 6.5 MEDIUM
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline

Apr 23, 2026 00:17 · vuln.today · Analysis Generated
Apr 22, 2026 15:22 · NVD · CVSS changed: 6.5 (MEDIUM)
Apr 22, 2026 14:00 · euvd · EUVD ID Assigned: EUVD-2026-24748
Apr 22, 2026 14:00 · vuln.today · Analysis Generated
Apr 22, 2026 13:18 · nvd · CVE Published: MEDIUM 6.5

Description (CVE.org)

A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration.

Analysis (AI)

Insecure direct object references in Augmentt 1.0 allow unauthenticated remote attackers to access and modify sensitive tenant data across different organizational contexts, bypassing authentication mechanisms through direct manipulation of object identifiers. The vulnerability enables both unauthorized information disclosure and modification of tenant configuration with CVSS 6.5 (medium severity); no public exploit code has been identified at the time of analysis, though the attack is automatable and requires no user interaction.


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify tenant identifiers in Augmentt API URLs
Delivery: Craft unauthorized API requests with different tenant IDs
Exploit: Bypass authorization validation due to IDOR flaw
Execution: Access or modify sensitive tenant data
Impact: Exfiltrate or corrupt multi-tenant information

Vulnerability Assessment (AI)

Exploitation: The vulnerability requires that the Augmentt application exposes tenant or resource identifiers directly in API endpoints or URL parameters without validating that the requester is authorized to access that specific tenant. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) indicates network-accessible exploitation requiring no privileges, no user interaction, and low attack complexity, creating a baseline medium-severity risk (score 6.5). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker identifies that Augmentt exposes tenant identifiers in API URLs (e.g., https://app.augmentt.com/api/tenant/1/config). By sending requests with sequentially incremented tenant IDs (tenant/1, tenant/2, tenant/3) without authentication credentials or with stolen credentials from a single tenant, the attacker retrieves configuration data and sensitive information belonging to other organizations and modifies tenant settings such as user permissions or data retention policies. …

Remediation: No vendor-released patch has been identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.
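The root cause described above is a handler that trusts the tenant identifier taken from the URL. The following is an added illustration, not Augmentt's code or anything from the vuln.today report: a minimal tenant-config endpoint in its CWE-639 form beside a hardened form that binds the tenant to the authenticated session and refuses any request whose path tenant does not match. The store, session model and function names are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed in-memory tenant configuration store (assumed shape, not Augmentt's data model).
TENANT_CONFIG = {
    1: {"retention_days": 30, "admins": ["alice@tenant1.example"]},
    2: {"retention_days": 90, "admins": ["bob@tenant2.example"]},
}


@dataclass
class Session:
    """Authenticated principal. tenant_id is set server-side at login and
    is never taken from the request, so the client cannot choose it."""
    user: str
    tenant_id: int


class Forbidden(Exception):
    """Raised for both missing authentication and cross-tenant access, so the
    response does not reveal whether the requested tenant exists."""


def get_config_vulnerable(tenant_id: int, session: Optional[Session]) -> dict:
    """IDOR pattern (CWE-639): the tenant id parsed from /api/tenant/<id>/config
    is used directly as the lookup key. Any caller, authenticated or not,
    can read any tenant's configuration by changing the number."""
    return TENANT_CONFIG[tenant_id]


def require_tenant(session: Optional[Session], tenant_id: int) -> None:
    """Authorization check: the caller must be authenticated and the tenant
    in the URL must equal the tenant bound to the caller's session."""
    if session is None:
        raise Forbidden("authentication required")
    if session.tenant_id != tenant_id:
        raise Forbidden("cross-tenant access denied")


def get_config_fixed(tenant_id: int, session: Optional[Session]) -> dict:
    """Hardened read: same lookup, but only after require_tenant passes."""
    require_tenant(session, tenant_id)
    return TENANT_CONFIG[tenant_id]


def set_retention_fixed(tenant_id: int, days: int, session: Optional[Session]) -> dict:
    """Hardened write: tenant settings can only be changed by that tenant's own user."""
    require_tenant(session, tenant_id)
    TENANT_CONFIG[tenant_id]["retention_days"] = days
    return TENANT_CONFIG[tenant_id]
```

The same object-ownership check applies to every route that takes an identifier, not only the tenant root; resource ids (users, policies, reports) must be resolved inside the session's tenant rather than globally.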

CVE-2026-6355 vulnerability details – vuln.today