Payment Integration Vulnerability in Mollie by Pretix
CVE-2026-57536

6.3 MEDIUM

Key Information:

Vendor

Pretix

CVE Published:
25 June 2026

What is CVE-2026-57536?

The Mollie payment integration in Pretix does not properly validate payment status responses. An attacker who supplies invalid payment status responses could obtain multiple valid tickets using the confirmation from a single successful payment, which poses a significant risk to user transactions and ticket management.

Affected Version(s)

pretix-mollie 0 < 2.5.6

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved