CVE Catalog

CVE-2026-52699

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

14th percentile - higher than 14% of all known CVEs

Summary

Versions of VikRentCar <= 1.4.5 are vulnerable to unauthenticated Insecure Direct Object References (IDOR). This allows attackers to access resources they should not have access to.

Risk Assessment

The organization may be exposed to unauthorized access to sensitive data, potentially leading to loss of confidentiality and user privacy breaches.

Recommendation

It is recommended to upgrade to the latest version of VikRentCar to mitigate this vulnerability and implement appropriate authorization mechanisms.

Original NVD description (English source)

Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS