CVE-2026-5780
Multiple vulnerabilities in MphRx's Minerva
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an attacker to obtain a list of users.
| CWE | CWE-284 |
| Vendor | mphrx |
| Product | minerva |
| Published | Apr 28, 2026 |
| Last Updated | Apr 28, 2026 |
Stay Ahead of the Next One
Get instant alerts for mphrx minerva
Be the first to know when new unknown vulnerabilities affecting mphrx minerva are published β delivered to Slack, Telegram or Discord.
Get Free Alerts β
Free Β· No credit card Β· 60 sec setup
Affected Versions
MphRx / Minerva
3.6.0
References
Credits
Alejandro Rivera LeΓ³n