Skip to main content

Tuleap Enterprise Edition

1 CVEs product

Monthly

CVE-2026-14165 HIGH This Week

Insecure direct object reference (IDOR) in Dassault Systèmes Tuleap Enterprise Edition 17.0 through 17.5 lets attackers read other users' data by manipulating a user-controlled key/identifier, breaking horizontal authorization boundaries. The CVSS 3.1 vector (AV:N/PR:N) scores it as remotely reachable with high confidentiality impact but no integrity or availability effect. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Authentication Bypass Tuleap Enterprise Edition
NVD
CVSS 3.1
7.5
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH This Week

Insecure direct object reference (IDOR) in Dassault Systèmes Tuleap Enterprise Edition 17.0 through 17.5 lets attackers read other users' data by manipulating a user-controlled key/identifier, breaking horizontal authorization boundaries. The CVSS 3.1 vector (AV:N/PR:N) scores it as remotely reachable with high confidentiality impact but no integrity or availability effect. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Authentication Bypass Tuleap Enterprise Edition
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy