Critical severity9.1NVD Advisory· Published Apr 3, 2026· Updated Apr 22, 2026
CVE-2026-25197
CVE-2026-25197
Description
A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
3- github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-03.jsonnvdThird Party Advisory
- mygardyn.com/security/nvdVendor Advisory
- www.cisa.gov/news-events/ics-advisories/icsa-26-055-03nvdUS Government ResourceThird Party Advisory
News mentions
0No linked articles in our index yet.