Authorization Bypass Vulnerability in Tuleap Enterprise Edition by Accenture
CVE-2026-14165

7.5HIGH

Key Information:

Vendor
CVE Published:
13 July 2026

What is CVE-2026-14165?

An authorization bypass vulnerability exists in Tuleap Enterprise Edition, versions 17.0 to 17.5. This flaw allows attackers to exploit user-controlled keys, enabling unauthorized access to sensitive user data. Organizations using affected versions should implement available security updates to mitigate the risk of unauthorized data exposure.

Affected Version(s)

Tuleap Enterprise Edition 17.0-1 <= 17.0-31

Tuleap Enterprise Edition 17.5-1 <= 17.5-17

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.