CVE Catalog

CVE-2026-40809

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

25th percentile — higher than 25% of all known CVEs

Summary

A missing authorization vulnerability in Rara Themes Metro Magazine allows exploiting incorrectly configured access control security levels.

Risk Assessment

This issue may lead to unauthorized access to resources, posing a serious threat to the organization's data security.

Recommendation

It is recommended to review and improve the configuration of access control security levels in Metro Magazine to ensure proper user authorization.

Original NVD description (English source)

Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.4.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS