← volver
CVE-2026-23514

Kiteworks Core before 9.2.2 is vulnerable to Improper Ownership Management

CVSS 8.8 HIGHEPSS 1.0%CWE-282
Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
kiteworks · core

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gqr-cpr6-wvm5