CVE-2026-40590 | freescout-help-desk freescout up to 1.8.213 Email Validation /customers/ajax Customer::create authorization (GHSA-wjw4-8xg6-342m)

A vulnerability marked as problematic has been reported in freescout-help-desk freescout up to 1.8.213. This vulnerability affects the function Customer::create of the file /customers/ajax of the component Email Validation Handler. This manipulation causes authorization bypass.

This vulnerability is tracked as CVE-2026-40590. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More