Auth bypass in Altium 365

CVE-2026-9152

A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticate…

Vulnerability class: Broken Authentication

EPSS: 0.001 (23.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References