CVE-2026-25699

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer.

This issue affects Apache Answer: through 2.0.0.

Timeline-related APIs lacked proper authorization checks, allowing regular authenticated users to access deleted, private, or unapproved content and its revision history. Users are recommended to upgrade to version 2.0.1, which fixes the issue.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-359

Related Identifiers

CVE-2026-25699

Affected Products

Apache Answer

CVE-2026-25699

Weakness Enumeration

Related Identifiers

Affected Products

References · 2