CVE Catalog
CVE-2026-39524
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.25%
16th percentile - higher than 16% of all known CVEs
Summary
Masteriyo - LMS versions up to 2.1.5 contain a vulnerability in access control that allows unauthorized access.
Risk Assessment
Organizations may be exposed to unauthorized user actions, potentially leading to data leaks or unauthorized changes in the system.
Recommendation
It is recommended to upgrade to the latest version of Masteriyo - LMS to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in Masteriyo - LMS <= 2.1.5 versions.

