CVE-2026-13591 | DeepMyst Mysti 0.4.0 Contact Tracking ChannelBridge.ts _isTrackedConversation _channelType improper authorization (Issue 42)

Inserito da Angelo Barbosa | Giu 29, 2026 | CVE

A vulnerability identified as critical has been detected in DeepMyst Mysti 0.4.0. Affected is the function _isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument _channelType causes improper authorization.

This vulnerability appears as CVE-2026-13591. The attack may be initiated remotely. In addition, an exploit is available.

It is suggested to install a patch to address this issue.

CVE-2026-13591 | DeepMyst Mysti 0.4.0 Contact Tracking ChannelBridge.ts _isTrackedConversation _channelType improper authorization (Issue 42)

Post correlati

CVE-2023-49473 | Shenzhen JF6000 Cloud Media Collaboration Processing Platform access control

CVE-2024-50656 | itsourcecode Placement Management System 1.0 registration.php Full Name cross site scripting

CVE-2024-9931 | Wux Blog Editor Plugin up to 3.0.0 on WordPress improper authentication

CVE-2024-22068 | ZTE ZXR10 1800-2S/ZXR10 2800-4/ZXR10 3800-8/ZXR10 160 up to 4.00.10 privileges management