What is CVE-2026-49141?

CVE-2026-49141 is a high-severity vulnerability, classified under Authorization Bypass Through User-Controlled Key. CVSS score: 7.1/10. Published 2026-06-08.

How severe is CVE-2026-49141?

High severity. CVSS v3 base score is 7.1 out of 10.

CVE-2026-49141

CVE-2026-49141

WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants by supplying an arbitrary caller-controlled c…

Vulnerability class: IDOR (Insecure Direct Object Reference)

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N.

Weakness classification (CWE)

CWE-639 — Authorization Bypass Through User-Controlled Key

References

disclosure@vulncheck.com
disclosure@vulncheck.com
disclosure@vulncheck.com

Frequently asked questions

What is CVE-2026-49141?: CVE-2026-49141 is a high-severity vulnerability, classified under Authorization Bypass Through User-Controlled Key. CVSS score: 7.1/10. Published 2026-06-08.
How severe is CVE-2026-49141?: High severity. CVSS v3 base score is 7.1 out of 10.