CVE-2026-40349 | leepeuker movary up to 0.71.0 Endpoint /settings/users/ authorization (GHSA-mcfq-8rx7-w25v)

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability described as critical has been identified in leepeuker movary up to 0.71.0. The affected element is an unknown function of the file /settings/users/ of the component Endpoint. The manipulation results in missing authorization.

This vulnerability was named CVE-2026-40349. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-40349 | leepeuker movary up to 0.71.0 Endpoint /settings/users/ authorization (GHSA-mcfq-8rx7-w25v)

Post correlati

CVE-2026-5625 | assafelovic gpt-researcher up to 3.4.3 WebSocket Interface researcher.py task cross site scripting (Issue 1692)

CVE-2025-9325 | Foxit PDF Reader PRC File Parser out-of-bounds

CVE-2025-11326 | Tenda AC18 15.03.05.19(6318) /goform/WifiMacFilterSet wifi_chkHz stack-based overflow

CVE-2026-35173 | xenocrat chyrp-lite prior 2026.01 authorization (GHSA-8c3h-rh2j-fxr9)