CVE-2026-34905EPSS p24.1%

CVE-2026-34905CVE-2026-34905

apache / answer

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenticated users to discover and access unlisted questions, their answers, comments, and revision history. Users are recommended to upgrade to version 2.0.1, which fixes the issue.

Scoring

CVSS 6.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS0.33% probability of exploitation · percentile 24.1% · 2026-06-18T12:00:27Z
Last modified2026-06-10

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-25699
CVE
CVE-2026-25700
CVE
CVE-2026-34033
CVE
CVE-2026-25688
CVE
CVE-2026-34031
CVE
CVE-2026-33582
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.