CVE-2026-23514

High CVSS: 8.8

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch.

Vendor

Accellion

Product

Kiteworks

CWE

CWE-282

Yayın Tarihi

2026-03-25 15:16:37

Güncelleme

2026-03-27 18:52:37

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-282 Kiteworks HIGH Accellion 2026

Referanslar

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gqr-cpr6-wvm5

Benzer Kayıtlar

Medium

CVE-2026-29092

Kiteworks is a private data network (PDN). Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway…

Medium

CVE-2026-23635

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of…

Medium

CVE-2026-23636

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form…

High

CVE-2026-24750

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attac…

Medium

CVE-2026-28270

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows upl…

Medium

CVE-2026-28271

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functional…