CVE Catalog

CVE-2026-39515

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile — higher than 27% of all known CVEs

Summary

Versions of the engine below 1.4.107 have a broken access control issue for subscribers, which may lead to unauthorized access to resources.

Risk Assessment

Organizations may be exposed to unauthorized access to sensitive data, potentially leading to serious security breaches.

Recommendation

It is recommended to update the engine to version 1.4.107 or later to mitigate this vulnerability.

Original NVD description (English source)

Subscriber Broken Access Control in Motors < 1.4.107 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS