PatchSiren cyber security CVE debrief
CVE-2026-5228 Kurt Software Studio CVE debrief
CVE-2026-5228 is a HIGH-severity vulnerability in the WriteUp Mobile App by Kurt Software Studio. The issue, classified as Improper Access Control and Missing Authorization, allows users to access functionality not properly constrained by Access Control Lists (ACLs). The vulnerability affects WriteUp Mobile App versions from 1.3.0 through 04062026.
- Vendor
- Kurt Software Studio
- Product
- WriteUp Mobile App
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-04
- Original CVE updated
- 2026-06-04
- Advisory published
- 2026-06-04
- Advisory updated
- 2026-06-04
Who should care
Users of WriteUp Mobile App, particularly those using versions between 1.3.0 and 04062026, should be aware of this vulnerability. Developers and administrators responsible for the app's security and updates should prioritize patching.
Technical summary
The vulnerability has a CVSS score of 8.8 and is categorized under CWE-284 and CWE-862. It allows attackers with low privileges to access sensitive functionality without proper authorization, potentially leading to high impacts on confidentiality, integrity, and availability.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by Kurt Software Studio for WriteUp Mobile App to version 04062026 or later.
- Review and enforce proper Access Control Lists (ACLs) for the app's functionality.
- Monitor the app's usage and access logs for any suspicious activity.
Evidence notes
The CVE was published on 2026-06-04T16:16:39.640Z and last modified on 2026-06-04T16:23:33.747Z. The vulnerability details were sourced from official CVE and NVD sources.
Official resources
-
CVE-2026-5228 CVE record
CVE.org
-
CVE-2026-5228 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-5228 was disclosed on 2026-06-04.