CVE Catalog
CVE-2026-54810
HighCVSS 7.5Summary
Nexi Payments Nexi XPay has a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels.
Risk Assessment
Organizations may be exposed to unauthorized access to sensitive data or system functions, potentially leading to serious security breaches.
Recommendation
It is recommended to review and improve the configuration of access control security levels in Nexi XPay to ensure proper user authorization.
Original NVD description (English source)
Missing Authorization vulnerability in Nexi Payments Nexi XPay allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexi XPay: from n/a through 8.3.1.

