CVE-2026-24756EPSS p4.7%

CVE-2026-24756CVE-2026-24756

accellion / kiteworks

Description

Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade Kiteworks to version 9.3.0 or later to receive a patch.

Scoring

CVSS 4.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS0.15% probability of exploitation · percentile 4.7% · 2026-06-18T12:00:27Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-24753
CVE
CVE-2026-24755
CVE
CVE-2026-24761
CVE
CVE-2026-23638
CVE
CVE-2026-24754
CVE
CVE-2026-24782
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.