PT-2026-21234 · Authorsy · Authorsy

Numex

Published

2026-02-20

Updated

2026-02-21

CVE-2026-24950

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Authorsy versions through 1.0.6

Description An authorization bypass exists in Authorsy due to incorrectly configured access control security levels. This allows exploitation through a user-controlled key.

Recommendations Update Authorsy to a version later than 1.0.6.

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639

Related Identifiers

CVE-2026-24950

Affected Products

Authorsy

PT-2026-21234 · Authorsy · Authorsy

CVE-2026-24950

Weakness Enumeration

Related Identifiers

Affected Products

References · 5