CVE-2026-27471 – ERP: Document access through endpoints due to missing validation

CVE ID : CVE-2026-27471

Published : Feb. 21, 2026, 6:38 a.m. | 25 minutes ago

Description : ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.0-rc.1 and through 16.6.0, certain endpoints lacked access validation which allowed for unauthorized document access. This issue has been fixed in versions 15.98.1 and 16.6.1.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-2865 – itsourcecode Agri-Trading Online Shopping System HTTP POST Request productcontroller.php sql injection

CVE-2026-2864 – feng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversal

CVE-2026-27470 – ZoneMinder: Second-Order SQL Injection in `getNearEvents()` via Stored Event Name and Cause Fields

CVE-2026-27469 – Isso: Stored XSS via comment website field