CVE-2026-13591 | DeepMyst Mysti 0.4.0 Contact Tracking ChannelBridge.ts _isTrackedConversation _channelType improper authorization (Issue 42)
A vulnerability identified as critical has been detected in DeepMyst Mysti 0.4.0. Affected is the function _isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument _channelType causes improper authorization.
This vulnerability appears as CVE-2026-13591. The attack may be initiated remotely. In addition, an exploit is available.
It is suggested to install a patch to address this issue.VulDB Recent EntriesRead More