2 matches found
CVE-2026-40589
creationtimestamp| type| source ---|---|--- 2026-04-21 19:25:57+00:00| seen| Telegram/HMXFp0TlwkMV3YbUFvnNEgjo9AC8CPiEoVa-pxPf99RdwY...
CVE-2026-40589 FreeScout has Customer Edit Cross-Mailbox Email Takeover
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer in another mailbox. The server discloses the hidden customer’s name and profile URL in the success...