MEDIUM
Six Apart Ltd.
CVE published 2026-05-20
CVE-2026-44392
CVE-2026-44392 describes a missing authorization weakness in Movable Type. According to the published summary, under certain conditions a user without administrator privileges signing in to the product can trigger unintended update processing. The issue is rated CVSS 5.3 (Medium) and maps to CWE-862 (Missing Authorization).