CVE Catalog
CVE-2026-38807
HighSummary
Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component.
Risk Assessment
The organization may be exposed to unauthorized access to sensitive data or system functions, potentially leading to serious security breaches.
Recommendation
It is recommended to update to the latest version of kvf-admin and review permissions in the system to minimize the risk of privilege escalation.
Original NVD description (English source)
Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component

