Vulnerabilities in MyComplianceOffice MCO software
ID: ac4f267e-c5d1-5cd3-9a81-3dfcdc58335e
STIX ID: report--ac4f267e-c5d1-5cd3-9a81-3dfcdc58335e
Feed Name: CERT Polska
Threat Score
CERT Polska coordinated disclosure reports nine vulnerabilities (CVE-2026-53902 through CVE-2026-53909) in MyComplianceOffice MCO 25.3.3.1 that enable privilege escalation, unauthorized document access (IDOR), account denial-of-service via password reset, ACL exposure, path traversal/file write, stored SVG XSS, user enumeration, and unrestricted dangerous file uploads; vendor contact was unsuccessful and vulnerabilities were confirmed in the cited version.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
