Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
LeadConnector allows unauthorized access if access control is misconfigured
CVE-2026-25441
Summary
A security issue in LeadConnector versions up to 3.0.21 allows users with incorrect access levels to access areas they shouldn't. This could allow unauthorized access to sensitive data or functions. Update to version 3.0.22 or later to fix the issue.
Original title
Missing Authorization vulnerability in LeadConnector LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a t...
Original description
Missing Authorization vulnerability in LeadConnector LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a through <= 3.0.21.
nvd CVSS3.1
5.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026