VYPR
Medium severity4.3NVD Advisory· Published Mar 18, 2026· Updated May 5, 2026

CVE-2026-32736

CVE-2026-32736

Description

The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. An Insecure Direct Object Reference (IDOR) vulnerability in versions of the wiki prior to 1.0.0 exposes mod authors' personal information - including full names and email addresses - to any authenticated user who visits a mod page. Any user who creates an account can access sensitive author details by simply navigating to a mod's page via its slug. Version 1.0.0 fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:hytalemodding:wiki:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:hytalemodding:wiki:*:*:*:*:*:*:*:*range: <1.0.0
    • (no CPE)range: <1.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.