Smartfix

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-32391 MEDIUM This Month

SmartFix by linethemes contains a missing authorization vulnerability (CWE-862) that allows authenticated users to access or modify resources they should not have permission to access due to incorrectly configured access control security levels. Affected versions are SmartFix prior to 1.2.4. An attacker with low-privilege credentials can exploit this network-accessible vulnerability without user interaction to gain unauthorized access to sensitive data or perform unauthorized modifications.

Authentication Bypass Smartfix

NVD VulDB

CVSS 3.1

5.4

EPSS

0.0%

CVE-2026-32391

EPSS 0% CVSS 5.4

MEDIUM This Month

SmartFix by linethemes contains a missing authorization vulnerability (CWE-862) that allows authenticated users to access or modify resources they should not have permission to access due to incorrectly configured access control security levels. Affected versions are SmartFix prior to 1.2.4. An attacker with low-privilege credentials can exploit this network-accessible vulnerability without user interaction to gain unauthorized access to sensitive data or perform unauthorized modifications.

Authentication Bypass Smartfix

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy