CVE-2026-41903 - FreeScout IDOR Vulnerability: PERM_EDIT_USERS allows modifying any user's notification subscriptions (incomplete fix of CVE-2025-48472)
CVE ID :CVE-2026-41903 Published : May 7, 2026, 6:02 p.m. | 1 hour, 1 minute ago Description :FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding the PERM_EDIT_USERS permission (intended for general user-profile editing) c
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Microsoft Issues Warning About Linux 'Copy Fail' Vulnerability
- [CYBER] Dirty Frag - Linux LPE similiar to Copy Fail
- [CYBER] IMF Warns AI Will Supercharge Cyberattacks on Global Financial System
- [CYBER] Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)
- [CYBER] CVE-2026-8086 - OSGeo gdal SWapi.c SWnentries heap-based overflow
- [CYBER] CVE-2026-41653 - BentoPDF: Stored XSS via Markdown Editor Leading to Persistent File Exfiltration