CVE-2026-25365

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Kargo Takip versions prior to 0.2.4

Description A missing authorization flaw exists in Özgür KARALAR Kargo Takip kargo-takip-turkiye. This issue stems from incorrectly configured access control security levels, potentially allowing unauthorized access. The API endpoint is not specified. The vulnerable parameter is not specified. The vulnerable function is not specified.

Recommendations Update Kargo Takip to version 0.2.4 or later.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2026-25365

Affected Products

Kargo Takip

CVE-2026-25365

Weakness Enumeration

Related Identifiers

Affected Products

References · 3