PatchSiren cyber security CVE debrief
CVE-2026-39490 artbees CVE debrief
CVE-2026-39490 is a HIGH severity vulnerability with a CVSS score of 7.5. It is an Unauthenticated Broken Access Control issue affecting JupiterX Core versions up to 4.14.1.
- Vendor
- artbees
- Product
- JupiterX Core
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of JupiterX Core plugin for WordPress, particularly those using versions up to 4.14.1, should be aware of this vulnerability.
Technical summary
The vulnerability is described as Unauthenticated Broken Access Control in JupiterX Core <= 4.14.1 versions. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating a high impact on confidentiality.
Defensive priority
HIGH
Recommended defensive actions
- Update JupiterX Core to a version beyond 4.14.1 if possible.
- Review and restrict access controls for the plugin if an immediate update is not feasible.
Evidence notes
The CVE was published and modified on 2026-06-16T10:16:27.097Z. The vulnerability was reported by [email protected].
Official resources
-
CVE-2026-39490 CVE record
CVE.org
-
CVE-2026-39490 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-39490 was published on 2026-06-16T10:16:27.097Z.