CVE-2026-40904 | Chartbrew 4.9.0 Request Endpoint dataset_id/dataRequest id/connection_id access control (GHSA-jq95-gqww-vhm3)

A vulnerability has been found in Chartbrew 4.9.0 and classified as critical. This vulnerability affects unknown code of the component Request Endpoint. Performing a manipulation of the argument dataset_id/dataRequest id/connection_id results in improper access controls.

This vulnerability was named CVE-2026-40904. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More