What is CVE-2026-45410?

CVE-2026-45410 is a medium-severity vulnerability in Mauriceboe Trek, classified under Observable Discrepancy. CVSS score: 5.3/10. Published 2026-05-28.

How severe is CVE-2026-45410?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Mauriceboe Trek

CVE-2026-45410

TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, th…

EPSS: 0.000 (11.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Mauriceboe Trek — versions < 3.0.18

Weakness classification (CWE)

CWE-203 — Observable Discrepancy
CWE-208

References

security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-45410?: CVE-2026-45410 is a medium-severity vulnerability in Mauriceboe Trek, classified under Observable Discrepancy. CVSS score: 5.3/10. Published 2026-05-28.
How severe is CVE-2026-45410?: Medium severity. CVSS v3 base score is 5.3 out of 10.