
11 matches found

RedhatCVE
added 4 hours ago | 3 views

CVE-2026-40591

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled customerid, name, toemail, and phone values and resolves the target customer in the backend without enforcing mailbox-scoped customer visibility...

CVSS 7.1 | AI score 5.5 | EPSS 0.00032
Exploits: 0 | References: 1

CVE
added 2026/05/07 6:09 p.m. | 5 views

CVE-2026-41906

FreeScout (PHP Laravel) prior to 1.8.214 is vulnerable: the backend action conversation_change_customer accepts any supplied customer_email, allowing a low-privilege agent to bind a visible conversation to a hidden customer in another mailbox via forged requests. The Change Customer modal correct...

CVSS 7.1 | AI score 5.7 | EPSS 0.00028
Exploits: 0 | References: 2

Cvelist
added 2026/05/07 6:09 p.m. | 29 views

CVE-2026-41906 FreeScout: Conversation Change-Customer Cross-Mailbox Authorization Bypass

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversation_change_customer action accepts any supplied...

CVSS 7.1 | EPSS 0.00028
Exploits: 0 | References: 2

Vulnrichment
added 2026/04/21 4:54 p.m. | 1 view

CVE-2026-40591 FreeScout: Improper Authorization in Phone Conversation Creation Enables Cross-Mailbox Hidden Customer Modification

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled customerid, name, toemail, and phone values and resolves the target customer in the backend without enforcing mailbox-scoped customer visibility...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 3

Cvelist
added 2026/04/21 4:50 p.m. | 24 views

CVE-2026-40589 FreeScout has Customer Edit Cross-Mailbox Email Takeover

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer in another mailbox. The server discloses the hidden customer’s name and profile URL in the success...

CVSS 7.6 | EPSS 0.00043
Exploits: 0 | References: 3

CVE
added 2026/04/21 4:50 p.m. | 6 views

CVE-2026-40589

Product affected: FreeScout (self-hosted help desk). Vulnerability: Prior to 1.8.214, a low-privileged agent can edit a visible customer and assign an email owned by a hidden customer in another mailbox. The server reveals the hidden customer’s name and profile URL in the success flash, reassigns...

CVSS 7.6 | AI score 5.7 | EPSS 0.00043
Exploits: 0 | References: 3

Vulnrichment
added 2026/04/21 4:50 p.m. | 2 views

CVE-2026-40589 FreeScout has Customer Edit Cross-Mailbox Email Takeover

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer in another mailbox. The server discloses the hidden customer’s name and profile URL in the success...

CVSS 7.6 | AI score 5.7 | EPSS 0.00043
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/21 12:00 a.m. | 2 views

PT-2026-34026

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled customer id, name, to email, and phone values and resolves the target customer in the backend without enforcing mailbox-scoped customer...

CVSS 7.1 | AI score 5.8 | EPSS 0.00032
Exploits: 0 | References: 6

Vulnrichment
added 2026/04/07 4:05 p.m. | 1 view

CVE-2026-39384 FreeScout Customer Merge Cross-Mailbox Authorization Bypass

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limit_user_customer_visibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

CVSS 7.6 | AI score 5.9 | EPSS 0.00046
Exploits: 1 | References: 2

CVE
added 2026/04/07 4:05 p.m. | 9 views

CVE-2026-39384

Product/Component: FreeScout (Laravel PHP) Vulnerability summary: Prior to version 1.8.212, FreeScout does not take the limit_user_customer_visibility parameter into account when merging customers, enabling a cross-mailbox authorization bypass. Impact (as stated): Cross-mailbox visibility/authori...

CVSS 7.6 | AI score 5.9 | EPSS 0.00046
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2026/04/07 4:05 p.m. | 20 views

CVE-2026-39384 FreeScout Customer Merge Cross-Mailbox Authorization Bypass

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limit_user_customer_visibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

CVSS 7.6 | EPSS 0.00046
Exploits: 1 | References: 2