Medium severity6.5NVD Advisory· Published Apr 22, 2026· Updated Apr 22, 2026
CVE-2026-41127
CVE-2026-41127
Description
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have a missing authorization that allows viewers to inject/overwrite captions Version 3.0.24 tightened the permissions on who is able to submit captions. No known workarounds are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <3.0.24
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.