CVE-2026-3020

UNKNOWN 0.0

Identity based authorization bypass vulnerability (IDOR) in the Wakyma application web

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other users' legitimate accounts

CWE	CWE-639
Vendor	wakyma
Product	wakyma application web
Published	Mar 16, 2026
Last Updated	Mar 16, 2026

Stay Ahead of the Next One

Get instant alerts for wakyma wakyma application web

Be the first to know when new unknown vulnerabilities affecting wakyma wakyma application web are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Wakyma / Wakyma application web

all versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web