Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Travelpayouts: Unsecured Access to Sensitive Data
CVE-2025-68042
Summary
Travelpayouts software versions up to 1.2.1 have a security issue that allows unauthorized access to sensitive information. This means that someone with the wrong permissions can view or modify data they shouldn't be able to. To protect your data, update to the latest version of Travelpayouts, which should fix this problem.
Original title
Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a t...
Original description
Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a through <= 1.2.1.
nvd CVSS3.1
6.5
Vulnerability type
CWE-862
Missing Authorization
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026