CVE-2026-12060
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk9th percentile — higher than 9% of all known CVEs
Summary
Heptabase developed by Hepta Platforms has an Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining unauthorized access to camera and microphone permissions.
Risk Assessment
The organization is at risk of unauthorized access to users' private data, which could lead to serious privacy and security breaches.
Recommendation
It is recommended to implement strict access controls and educate users about the risks of opening unknown links within the Heptabase application.
Original NVD description (English source)
Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining unauthorized access to camera and microphone permissions.

