PT-2026-40468 · Flowsint · Flowsint
Published
2026-05-12
·
Updated
2026-05-13
·
CVE-2026-42158
CVSS v4.0
2.3
Low
| Vector | AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Flowsint versions prior to 1.2.3
Description
Flowsint is an open-source OSINT graph exploration tool used for cybersecurity investigation, transparency, and verification. A broken access control issue allows an adversary who knows an investigation ID to update the metadata of an investigation belonging to another user.
Recommendations
Update to version 1.2.3.
Exploit
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flowsint