CVE-2026-26237
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk20th percentile - higher than 20% of all known CVEs
Summary
A missing authorization vulnerability has been reported to affect QuMagie, allowing remote attackers to access unauthorized data or perform unauthorized actions.
Risk Assessment
The organization may be exposed to unauthorized data access and the ability to perform unauthorized operations, potentially leading to serious security breaches.
Recommendation
It is recommended to upgrade to QuMagie version 2.9.0 or later to mitigate this vulnerability.
Original NVD description (English source)
A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later

