Unauthenticated Access Control Flaw in Tutor LMS by Tutor Team
CVE-2026-40743
6.5MEDIUM
What is CVE-2026-40743?
An unauthenticated broken access control vulnerability exists in Tutor LMS versions 3.9.7 and earlier. This flaw allows unauthorized users to gain access to sensitive functions and data, potentially leading to exploitation of the system. Administrators using affected versions are encouraged to update promptly to secure their applications.
Affected Version(s)
Tutor LMS <= 3.9.7