CVE-2026-42291
Summary (CVE-2026-42291) SysReptor (Professional/Community) exposes read/write access to users’ personal notes via un-authorized sharing-link creation. From version 2026.4 up to before 2026.27, authenticated attackers who know a victim’s note ID could list and create sharing links to that user’s ...