Bighearts

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-32439 MEDIUM This Month

WebGeniusLab BigHearts contains a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to modify data due to incorrectly configured access control security levels. All versions of BigHearts through 3.1.14 are affected, enabling an attacker to bypass authorization checks and perform unauthorized data modification without requiring authentication or user interaction. With a CVSS score of 5.3 and network-accessible attack surface, this vulnerability poses a moderate integrity risk requiring prompt patching.

Authentication Bypass Bighearts

NVD VulDB

CVSS 3.1

5.3

EPSS

0.0%

CVE-2026-32439

EPSS 0% CVSS 5.3

MEDIUM This Month

WebGeniusLab BigHearts contains a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to modify data due to incorrectly configured access control security levels. All versions of BigHearts through 3.1.14 are affected, enabling an attacker to bypass authorization checks and perform unauthorized data modification without requiring authentication or user interaction. With a CVSS score of 5.3 and network-accessible attack surface, this vulnerability poses a moderate integrity risk requiring prompt patching.

Authentication Bypass Bighearts

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy