Auth bypass in Microrealestate

CVE-2026-57869

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization. This issue affects Micr…

Vulnerability class: IDOR (Insecure Direct Object Reference)

Affected products

Weakness classification (CWE)

References