Ghostwire

CVE-2026-34579: MantisBT has an authorization bypass in private issue monitoring

MEDIUM CVSS 5.5 Exploit Available

Published: May 11, 2026 | Last Modified: May 11, 2026

Description

MantisBT has an authorization bypass in private issue monitoring

Ghostwire Analysis — What This Means Practically

Medium CVSS score indicates moderate risk — exploitation requires specific conditions or results in limited impact.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References

github.com/mantisbt/mantisbt/security/advisories/GHSA-ggw7-9675-6v4v
github.com/mantisbt/mantisbt/commit/0a93267deba445fb9d15250c16e6fdb1246ffa65
mantisbt.org/bugs/view.php?id=36975
github.com/advisories/GHSA-ggw7-9675-6v4v
www.tenable.com/cve/CVE-2026-34579
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-34579