PT-2026-23944 · Unknown · Suitenumerique Messages

Djnn

·

Publicado

2026-03-08

·

Atualizado

2026-03-08

·

CVE-2026-3739

CVSS v2.0

6.5

Média

VetorAV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions SuiteNumerique Messages versions 0.2.0
Description A security flaw exists in the ThreadAccessSerializer function within the src/backend/core/api/serializers.py file of the ThreadAccess component. This flaw leads to improper authentication and can be exploited remotely. The exploit for this issue has been publicly released. The vulnerable component should be upgraded.
Recommendations Upgrade to version 0.3.0.

Exploit

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2026-3739
GHSA-7476-6CRQ-4CW9

Produtos afetados

Suitenumerique Messages