CVE Catalog

CVE-2026-40795

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

19th percentile - higher than 19% of all known CVEs

Summary

Amelia versions up to 2.2 contain a broken access control vulnerability that may allow unauthorized users to access subscriber resources.

Risk Assessment

Organizations may be exposed to unauthorized access to subscriber data, potentially leading to information leaks and privacy violations.

Recommendation

It is recommended to upgrade to the latest version of Amelia to mitigate this vulnerability and implement additional access control measures.

Original NVD description (English source)

Subscriber Broken Access Control in Amelia <= 2.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS