CVE Catalog

CVE-2026-41047

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

5th percentile — higher than 5% of all known CVEs

Summary

In qSnapper before version 1.3.3, lack of authentication in the "snapshot diff" functions allowed a local attacker to read otherwise read-protected information.

Risk Assessment

A local attacker can access confidential data that is normally protected from reading, compromising system confidentiality.

Recommendation

Immediately update qSnapper to version 1.3.3 or later, which introduces the required authentication for the "snapshot diff" functions.

Original NVD description (English source)

Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3 allowed a local attacker to see otherwise read protected information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS