Broken Object-Level Access Controls in MicroRealEstate by MicroRealEstate
CVE-2026-57868

7.1HIGH

Key Information:

Vendor
CVE Published:
7 July 2026

What is CVE-2026-57868?

MicroRealEstate suffers from a vulnerability in its PDF generator functionality, which is due to broken object-level access controls. This flaw allows unauthorized users to gain access to sensitive functionalities or data that should normally be restricted, potentially leading to exploitation in the affected version up to 1.0.0-alpha3. Organizations using this product should assess their security measures and update accordingly.

Affected Version(s)

MicroRealEstate 0 <= 1.0.0-alpha3

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jake Cleland
.