CVE-2026-61971
EUVD-2026-4344013.07.2026, 10:16
Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs User Profile Picture metronet-profile-picture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Profile Picture: from n/a through <= 2.6.3.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| cozmoslabs | user_profile_picture | 𝑥 ≤ 2.6.3 | CNA |
Common Weakness Enumeration