CVE Catalog
CVE-2026-39518
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk0.28%
19th percentile - higher than 19% of all known CVEs
Summary
Versions of EventPrime <= 4.3.0.0 have a vulnerability related to Insecure Direct Object References (IDOR). This allows subscribers to access data they should not have permission to.
Risk Assessment
The organization may be exposed to unauthorized access to sensitive data, potentially leading to privacy breaches and loss of customer trust.
Recommendation
It is recommended to upgrade to the latest version of EventPrime to mitigate this vulnerability and implement appropriate access controls.
Original NVD description (English source)
Subscriber Insecure Direct Object References (IDOR) in EventPrime <= 4.3.0.0 versions.

