HIGH🇵🇱 Wersja polska

CVE-2026-23514

CVSS 8.8v3.1pub. 2026-03-25upd. 2026-03-27

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Accellion Kiteworks

    APP
    Accellion
    9.2.09.2.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-24752HIGH8.2ten sam produkt

Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks ...

CVE-2026-24782HIGH7.6ten sam produkt

Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kit...

CVE-2026-24751HIGH8.2ten sam produkt

Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks ...

CVE-2026-24750HIGH7.6ten sam produkt

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authentic...

CVE-2026-28272HIGH8.1ten sam produkt

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protecti...