Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Rustaurius Order Tracking: Incorrect Access Control Exposes Order Data
CVE-2026-39602
Summary
The Rustaurius Order Tracking software has a security issue that could allow unauthorized access to order data. This is because the access control settings are not properly configured, which means that users may be able to view or modify orders they shouldn't have access to. To fix this, please update to a version of Order Tracking that is not vulnerable.
Original title
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a t...
Original description
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026