CVE Catalog
CVE-2026-40793
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.28%
19th percentile — higher than 19% of all known CVEs
Summary
Versions of Groundhogg below 4.4.1 have a broken access control issue for subscribers, potentially allowing unauthorized access to data.
Risk Assessment
Organizations may be exposed to data leaks of subscribers and other unauthorized actions, which could impact their reputation and regulatory compliance.
Recommendation
It is recommended to update Groundhogg to version 4.4.1 or later to mitigate this vulnerability.
Original NVD description (English source)
Subscriber Broken Access Control in Groundhogg < 4.4.1 versions.

