Medium severity6.3NVD Advisory· Published Mar 8, 2026· Updated Apr 29, 2026
CVE-2026-3739
CVE-2026-3739
Description
A security flaw has been discovered in suitenumerique messages 0.2.0. This issue affects the function ThreadAccessSerializer of the file src/backend/core/api/serializers.py of the component ThreadAccess. The manipulation results in improper authentication. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.3.0 is capable of addressing this issue. The patch is identified as d7729f4b885449f6dee3faf8b5f2a05769fb3d6e. The affected component should be upgraded.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=0.2.0
Patches
Vulnerability mechanics
References
7- github.com/suitenumerique/messages/commit/d7729f4b885449f6dee3faf8b5f2a05769fb3d6envd
- github.com/suitenumerique/messages/pull/557nvd
- github.com/suitenumerique/messages/releases/tag/v0.3.0nvd
- github.com/suitenumerique/messages/security/advisories/GHSA-7476-6crq-4cw9nvd
- vuldb.comnvd
- vuldb.comnvd
- vuldb.comnvd
News mentions
0No linked articles in our index yet.