PT-2026-39232 · Wagtail · Wagtail

Seoyoung-Kang

Published

2026-05-08

Updated

2026-05-11

CVE-2026-44197

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.7 Wagtail versions prior to 7.3.2 Wagtail versions prior to 7.4

Description A CMS user lacking page editing permissions can access page revisions via the revision compare view by knowing the primary keys of two revisions. This may lead to the disclosure of sensitive information.

Recommendations Update to version 7.0.7 Update to version 7.3.2 Update to version 7.4

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-280

Related Identifiers

CVE-2026-44197

GHSA-C6WJ-9VCJ-75PJ

PYSEC-2026-146

Affected Products

Wagtail

PT-2026-39232 · Wagtail · Wagtail

CVE-2026-44197

Weakness Enumeration

Related Identifiers

Affected Products

References · 8