CVE-2026-24761EPSS p3.9%

CVE-2026-24761CVE-2026-24761

accellion / kiteworks

Description

Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade Kiteworks to version 9.3.0 or later to receive a patch.

Scoring

CVSS 3.7 ()
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS0.14% probability of exploitation · percentile 3.9% · 2026-06-19T12:03:05Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-24756
CVE
CVE-2026-24755
CVE
CVE-2026-24753
CVE
CVE-2026-23638
CVE
CVE-2026-24751
CVE
CVE-2026-24782
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.