EUVD-2026-12389
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Lifecycle Timeline
4Description
Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other users' legitimate accounts
Analysis
An identity-based authorization bypass vulnerability (IDOR) allows authenticated attackers to modify other users' account data, including email addresses, and subsequently hijack accounts through password reset flows. The vulnerability affects an unspecified product with a CVSS 8.6 severity rating, requires only low privileges to exploit over the network, and enables complete account takeover. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all affected systems and assess current exposure; notify security operations to monitor for exploitation attempts. Within 7 days: Apply vendor patch to all production systems; validate patch deployment across infrastructure. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today