Auth bypass in Mantisbt

CVE-2026-42071

Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user (REPORTER+) to download attachments on private bugnote…

Vulnerability class: Broken Access Control

EPSS: 0.000 (14.7th percentile) — read the EPSS interpretation.

Affected products

Mantisbt — versions >= 2.23.0, < 2.28.2

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

security-advisories@github.com (x_refsource_CONFIRM)
security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_MISC)