CVE Catalog
CVE-2026-49070
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.25%
16th percentile - higher than 16% of all known CVEs
Summary
In Knit Pay versions <= 9.4.0.0, there is an unauthenticated broken access control vulnerability that may allow unauthorized users to access resources.
Risk Assessment
Organizations may be exposed to unauthorized access to sensitive data, potentially leading to loss of confidentiality and integrity of information.
Recommendation
It is recommended to upgrade to the latest version of Knit Pay to mitigate this vulnerability and implement appropriate access control mechanisms.
Original NVD description (English source)
Unauthenticated Broken Access Control in Knit Pay <= 9.4.0.0 versions.

