CVE-2026-13591
Last modified
CVE-2026-13591 is a medium-severity vulnerability rated 5/10 on the CVSS scale. A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function _isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking.
Description
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function _isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument _channelType causes improper authorization. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit has been made available to the public and could be used for attacks. Patch name: 9b4aff0f106db424aa45a35aa89dd0b8f2eb9a48. It is suggested to install a patch to address this issue.
Metrics
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| DeepMyst | Mysti | 0.4.0 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-13591?
How severe is CVE-2026-13591?
How do I fix CVE-2026-13591?
Related CVEs from 2026
- CVE-2026-13583A vulnerability has been found in Edimax EW-7478APC 1.04. Im…8.8
- CVE-2026-13587A vulnerability was found in seladb PcapPlusPlus 25.05. The …3.7
- CVE-2026-13588A vulnerability was determined in seladb PcapPlusPlus 25.05.…5.6
- CVE-2026-13589A vulnerability was identified in seladb PcapPlusPlus 25.05.…5.6
- CVE-2026-1359The Genolve – AI image AI video generation plugin for WordPr…8.8
- CVE-2026-13590A security flaw has been discovered in seladb PcapPlusPlus 2…5.6
- CVE-2026-13592A vulnerability was detected in liftoff-sr CIPster up to e8e…7.3
- CVE-2026-13593CSS::Minifier::XS versions before 0.14 for Perl have a memor…6.5
- CVE-2026-13595A flaw was found in the libblkid library of util-linux. Duri…5.3
- CVE-2026-13601A flaw was found in Yelp due to an overly permissive Content…6.5
- CVE-2026-13602We found a chain of combining multiple weaknesses in the pro…7.7
- CVE-2026-13603The payment integration pretix-oppwa provides support for t…9
Are you affected by CVE-2026-13591?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
