CVE Catalog

CVE-2026-12060

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

9th percentile — higher than 9% of all known CVEs

Summary

Heptabase developed by Hepta Platforms has an Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining unauthorized access to camera and microphone permissions.

Risk Assessment

The organization is at risk of unauthorized access to users' private data, which could lead to serious privacy and security breaches.

Recommendation

It is recommended to implement strict access controls and educate users about the risks of opening unknown links within the Heptabase application.

Original NVD description (English source)

Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining unauthorized access to camera and microphone permissions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS