CVE Catalog

CVE-2026-39450

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.39%

30th percentile - higher than 30% of all known CVEs

Summary

There is a broken authentication issue for subscribers in FunnelKit Automations versions <= 3.7.3.

Risk Assessment

An attacker could gain access to subscriber accounts, potentially leading to data leaks or unauthorized access to the system.

Recommendation

It is recommended to update to the latest version of FunnelKit Automations to mitigate this vulnerability.

Original NVD description (English source)

Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS