CVE Catalog

CVE-2026-28374

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations.

Risk Assessment

The ability to delete annotations without proper permissions may lead to loss of important information and compromise data integrity.

Recommendation

It is recommended to review and adjust editor permissions to prevent unauthorized deletion of annotations.

Original NVD description (English source)

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS