Back to overview

CVE-2026-16214

MEDIUM
6.3
CVSS 3.1
Description
A vulnerability was identified in geex-arts django-jet up to 1.0.8. This affects an unknown function of the file jet/dashboard/views.py of the component Dashboard Module. Such manipulation leads to authorization bypass. The attack can be executed remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

Metadata

CVE ID
CVE-2026-16214
State
PUBLISHED
Assigner
VulDB
Reserved
2026-07-18 09:51 UTC
Published
2026-07-19 04:15 UTC
Last updated
2026-07-19 04:15 UTC
Primary CWE
CWE-639
Authorization Bypass
Vendor / Product
geex-arts / django-jet
Sources
cve.org  ·  NVD

Severity & Metrics

6.3 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Affected products (1)
VendorProductPlatformVersions
geex-arts django-jet 1.0.0, 1.0.1, 1.0.2, 1.0.3 …
Weakness (CWE)
CWESourceDescription
CWE-285 cna Improper Authorization
CWE-639 cna Authorization Bypass
CVSS scores (4)
ScoreSeverityVersionSourceVector
6.5 N/D 2.0 cna AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
6.3 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
6.3 MEDIUM 3.0 cna CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
5.3 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
References (6)
Back to overview