← back
CVE-2026-6355

CVE-2026-6355

CVSS 6.5 MEDIUMEPSS 0.2%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected products
Augmentt · Augmentt

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/Penguinsecq/CVE-2026-6355/