CVE-2026-30368

Name of the Vulnerable Software and Affected Versions Lightspeed Classroom version 5.1.2.1763770643

Description A client-side authorization flaw allows unauthenticated attackers to impersonate users. This is achieved by bypassing integrity checks and abusing client-generated authorization tokens, which can lead to unauthorized control and monitoring of student devices.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.