CVE Catalog

CVE-2026-24610

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Summary

There is a broken access control issue in MetForm Pro versions up to 3.9.1 that may allow unauthorized subscribers to access resources.

Risk Assessment

Organizations may be exposed to unauthorized access to sensitive data, potentially leading to privacy and security breaches.

Recommendation

It is recommended to update MetForm Pro to the latest version to mitigate this vulnerability and review access policies.

Original NVD description (English source)

Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS