Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
CVE-2026-42160: Data Space Portal: Unauthorized Access to New Accounts
CVE-2026-42160
Summary
Data Space Portal versions 2.1.1 to 7.3.1 are at risk of unauthorized access to new user accounts. This could allow an attacker to gain access to sensitive data. Update to version 7.3.2 or later to fix the issue.
Original title
Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 to before version 7.3.2, there is insufficient authorizatio...
Original description
Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 to before version 7.3.2, there is insufficient authorization in the dataspace-portal backend regarding self-registered "PENDING" organization / user accounts. This issue has been patched in version 7.3.2.
nvd CVSS4.0
10.0
Vulnerability type
CWE-602
CWE-863
Incorrect Authorization
Published: 8 May 2026 · Updated: 28 May 2026 · First seen: 8 May 2026