CVE Catalog

CVE-2026-39524

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile - higher than 16% of all known CVEs

Summary

Masteriyo - LMS versions up to 2.1.5 contain a vulnerability in access control that allows unauthorized access.

Risk Assessment

Organizations may be exposed to unauthorized user actions, potentially leading to data leaks or unauthorized changes in the system.

Recommendation

It is recommended to upgrade to the latest version of Masteriyo - LMS to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS