Michael Groberman

#7523of 53,630
36.5Total CVSS
Vulnerabilities · 5
Medium
2
High
1
Critical
2
PT-2026-30212
5.3
2026-04-03
Gardyn · Cloud Api · CVE-2026-28767
A specific administrative endpoint notifications is accessible without proper authentication.
PT-2026-30214
7.5
2026-04-03
Gardyn · Cloud Api · CVE-2026-32646
A specific administrative endpoint is accessible without proper authentication, exposing device management functions.
PT-2026-30215
5.3
2026-04-03
Gardyn · Cloud Api · CVE-2026-32662
Development and test API endpoints are present that mirror production functionality.
PT-2026-30230
9.1
2026-04-03
Gardyn · Cloud Api · CVE-2026-25197
Name of the Vulnerable Software and Affected Versions versions (affected versions not specified) Description An authenticated user can access other user profiles by manipulating the `id` number within an API call. This occurs through a specific API endpoint. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2026-30231
9.3
2026-04-03
Gardyn · Gardyn · CVE-2026-28766
Name of the Vulnerable Software and Affected Versions Gardyn (affected versions not specified) Description A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.