CVE-2026-40569 | freescout-help-desk freescout up to 1.8.212 Mailbox Connection Settings Endpoint MailboxesController.php connectionIncomingSave access control (GHSA-hmqm-33wp-858j)

Inserito da Angelo Barbosa | Apr 21, 2026 | CVE

A vulnerability classified as critical has been found in freescout-help-desk freescout up to 1.8.212. This affects the function connectionIncomingSave of the file app/Http/Controllers/MailboxesController.php of the component Mailbox Connection Settings Endpoint. This manipulation causes improper access controls.

This vulnerability is registered as CVE-2026-40569. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-40569 | freescout-help-desk freescout up to 1.8.212 Mailbox Connection Settings Endpoint MailboxesController.php connectionIncomingSave access control (GHSA-hmqm-33wp-858j)

Post correlati

CVE-2024-7499 | itsourcecode Airline Reservation System 1.0 flights.php departure_airport_id sql injection

CVE-2024-21918 | Rockwell Automation Arena Simulation up to 16.20.02 use after free

CVE-2025-60786 | iceScrum Pro On-Prem 7.54 Project unrestricted upload

CVE-2021-47178 | Linux Kernel up to 5.12.8 scsi smp_processor_id stack-based overflow (a20b6eaf4f35/70ca3c57ff91)