CVE Catalog
CVE-2026-39525
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.24%
15th percentile — higher than 15% of all known CVEs
Summary
Booking Activities versions up to 1.16.48.1 have a vulnerability in access control that allows unauthorized access.
Risk Assessment
Organizations may be exposed to unauthorized actions within the system, potentially leading to data loss or user privacy breaches.
Recommendation
It is recommended to update to the latest version to mitigate this security vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in Booking Activities <= 1.16.48.1 versions.

