QwikSec

Security Database

CVE

CWE

Training

CVE-2026-3020

Published: Mar 16, 2026

Modified: Mar 16, 2026

PUBLISHED

Description

Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other users' legitimate accounts

Vendor	Product	Versions
Wakyma	Wakyma application web	affected `all versions`

Weaknesses (CWE)

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web

patch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.