CVE-2026-33736 - Chamilo LMS has an Insecure Direct Object Reference (IDOR) - User Data Exposure
CVE ID :CVE-2026-33736
Published : April 10, 2026, 7:16 p.m. | 50 minutes ago
Description :Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including...
Related Vulnerabilities
- CVE-2026-22560: An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected MEDIUM
- CVE-2026-31940: Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicc_hacp.p HIGH
- CVE-2026-32893: Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, a Reflected Cross-Site Scripting ( MEDIUM
- CVE-2026-3691: OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote MEDIUM
- CVE-2026-40180: Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs gen N/A
Related Coverage
Threat Actors