CVE-2026-41657

Description

Admidio Exposes Cross-Organization Member Data via Permission Check Mismatch in contacts_data.php

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://github.com/advisories/GHSA-g8p8-94f2-28gr
• https://github.com/Admidio/admidio/releases/tag/v5.0.9
• https://github.com/Admidio/admidio/security/advisories/GHSA-g8p8-94f2-28gr
• https://nvd.nist.gov/vuln/detail/CVE-2026-41657
• https://github.com/Admidio/admidio

CWEs

CWE-863