Insecure Direct Object Reference in Web Application Affects Multiple Tenants
CVE-2026-6355

Currently unrated

Key Information:

Vendor: Augmentt
Status: Augmentt
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-6355?

A vulnerability exists in a web application that permits unauthorized users to access and manipulate sensitive data across various tenants. By exploiting insecure direct object references, attackers can gain access to sensitive information and make unauthorized changes to tenant configurations, undermining the integrity and confidentiality of the application.

Affected Version(s)

Augmentt 1.0

References

https://github.com/Penguinsecq/CVE-2026-6355/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Apr 15, 2026

CVE-2026-6355 Data

JSON