Incorrect Permission Assignment Vulnerability in OpenConcerto by ILM Informatique
CVE-2026-6499

2.4LOW

Key Information:

Vendor: Ilm Informatique
Status: Openconcerto
Vendor: CVE Published:; 4 May 2026

🔔 Create Ilm Informatique Vulnerability Alert

What is CVE-2026-6499?

A vulnerability in OpenConcerto by ILM Informatique allows attackers to exploit incorrect permission assignments, enabling them to replace binaries. This issue has been documented in OpenConcerto version 1.7.5, highlighting the importance of permissions management to safeguard critical resources within the system.

Affected Version(s)

OpenConcerto 1.7.5

References

https://www.openconcerto.org/fr/version-1.7.html

product

CVSS V4

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 4, 2026
Vulnerability Reserved
Apr 17, 2026

Credit

Dominique Righetto

CVE-2026-6499 Data

JSON