CVE Catalog
CVE-2026-49066
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.30%
22th percentile - higher than 22% of all known CVEs
Summary
The Conekta Payment Gateway versions up to 6.0.0 have a vulnerability that allows unauthenticated access to sensitive data.
Risk Assessment
Organizations may be exposed to the leakage of personal or financial data, which can lead to serious legal and reputational consequences.
Recommendation
It is recommended to update the Conekta Payment Gateway to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.

