CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-5780

An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an attacker to obtain a list of users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.0%

CVSS Severity

CVSS v3 Score 8.1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-mphrxs-minerva

Products affected by CVE-2026-5780

Agilonhealth » Minerva » Version: 3.6.0

cpe:2.3:a:agilonhealth:minerva:3.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-5780

Products

Pricing

Contact Us