CVE Catalog

CVE-2026-39525

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile — higher than 15% of all known CVEs

Summary

Booking Activities versions up to 1.16.48.1 have a vulnerability in access control that allows unauthorized access.

Risk Assessment

Organizations may be exposed to unauthorized actions within the system, potentially leading to data loss or user privacy breaches.

Recommendation

It is recommended to update to the latest version to mitigate this security vulnerability.

Original NVD description (English source)

Unauthenticated Broken Access Control in Booking Activities <= 1.16.48.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS