What is CVE-2026-23514?

CVE-2026-23514 is a high-severity vulnerability in Kiteworks Core, classified under CWE-282. CVSS score: 8.8/10. Published 2026-03-25.

How severe is CVE-2026-23514?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Kiteworks Core

CVE-2026-23514

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to…

EPSS: 0.000 (14.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Kiteworks Core — versions >= 9.2.0, < 9.2.2

Weakness classification (CWE)

CWE-282

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gqr-cpr6-wvm5 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-23514?: CVE-2026-23514 is a high-severity vulnerability in Kiteworks Core, classified under CWE-282. CVSS score: 8.8/10. Published 2026-03-25.
How severe is CVE-2026-23514?: High severity. CVSS v3 base score is 8.8 out of 10.