Authorization Bypass in Vimesoft Inc. Enterprise Video Platform
CVE-2026-12693
9.4CRITICAL
What is CVE-2026-12693?
A vulnerability affecting the Vimesoft Inc. Enterprise Video Platform allows unauthorized access to functionalities due to improper constraints enforced by Access Control Lists (ACLs). This security flaw enables users to exploit user-controlled keys, bypassing set permissions and gaining access to features they should not be able to access. Versions of the platform from 3.11.0.0 up to 3.25.0 are susceptible to this issue, emphasizing the need for immediate review and remediation in affected environments.
Affected Version(s)
Enterprise Video Platform 3.11.0.0 < 3.25.0
