CVE-2026-11764 Data exposed without proper permission

🗓️ 09 Jun 2026 11:54:37Reported by rami.ioType

CVE-2026-11764 exports expose gift card secrets without proper permission, bypassing boundaries.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2026-11764	9 Jun 202613:44	–	circl
CVE	CVE-2026-11764	9 Jun 202611:54	–	cve
EUVD	EUVD-2026-35407	9 Jun 202611:54	–	euvd
NVD	CVE-2026-11764	9 Jun 202613:16	–	nvd
Positive Technologies	PT-2026-47750	9 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-11764	10 Jun 202615:00	–	redhatcve
Vulnrichment	CVE-2026-11764 Data exposed without proper permission	9 Jun 202611:54	–	vulnrichment

[
  {
    "vendor": "pretix",
    "product": "pretix",
    "collectionURL": "https://pypi.org/",
    "packageName": "pretix",
    "repo": "https://github.com/pretix/pretix",
    "versions": [
      {
        "status": "affected",
        "version": "2024.1.0",
        "lessThan": "2026.3.0",
        "versionType": "python"
      },
      {
        "status": "affected",
        "version": "2026.3.0",
        "lessThan": "2026.4.0",
        "changes": [
          {
            "at": "2026.3.3",
            "status": "unaffected"
          }
        ],
        "versionType": "python"
      },
      {
        "status": "affected",
        "version": "2026.4.0",
        "lessThan": "2026.5.0",
        "changes": [
          {
            "at": "2026.4.3",
            "status": "unaffected"
          }
        ],
        "versionType": "python"
      },
      {
        "status": "affected",
        "version": "2026.5.0",
        "lessThan": "2026.6.0",
        "changes": [
          {
            "at": "2026.5.1",
            "status": "unaffected"
          }
        ],
        "versionType": "python"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
pretix	www.pretix.eu/about/en/blog/20260609-release-2026-5-1/

09 Jun 2026 11:54Current

CVSS 46.9

EPSS0.00036

CWE-280