CVE Catalog
CVE-2026-40795
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.27%
19th percentile - higher than 19% of all known CVEs
Summary
Amelia versions up to 2.2 contain a broken access control vulnerability that may allow unauthorized users to access subscriber resources.
Risk Assessment
Organizations may be exposed to unauthorized access to subscriber data, potentially leading to information leaks and privacy violations.
Recommendation
It is recommended to upgrade to the latest version of Amelia to mitigate this vulnerability and implement additional access control measures.
Original NVD description (English source)
Subscriber Broken Access Control in Amelia <= 2.2 versions.

