CVE-2026-40867
Description
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, a broken access control vulnerability in the helpdesk attachment viewer allows any authenticated user to view attachments from other tickets by changing the attachment ID. This can expose sensitive support files and internal documents across unrelated users or teams.
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2026-40867? +
How do I check if I'm vulnerable to CVE-2026-40867? +
Related Vulnerabilities
mcp-neo4j-cypher is an MCP server for executing Cypher queries against Neo4j databases. In versions prior to 0.6.0, the read_only mode …
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in …
Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in …
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, no administrator verification takes …
An improper access check allows unauthorized access to com_config webservice endpoints.
NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom …