AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T06:16:22.890Z and has not been modified since then. This MEDIUM severity vulnerability in MicroRealEstate allows attackers to retrieve document templates used by other organizations without authorization due to broken object-level access control on the Template API.
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T06:16:22.633Z and has not been modified since then. MicroRealEstate is affected by broken object-level access controls in PDF generator functionality. This issue affects MicroRealEstate: through 1.0.0-alpha3. The CVSS score is 7.1, and the severity is HIGH.
CVE-2026-57867 is a high-severity vulnerability in MicroRealEstate that allows attackers to bypass authentication. This issue arises from a lack of token state management, enabling adversaries to brute-force One-Time Passwords (OTP) and log in as any user. The vulnerability affects MicroRealEstate versions up to 1.0.0-alpha3. To address this vulnerability, security teams and administrators should be aware [truncated]