CVE-2026-38566 Blast Radius

HIGH • CVSS 8.1HireFlow v1.2 does not implement CSRF token validation on any state-changing POST endpoint. All forms (password change at /profile, candidate deletion…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-38566.

Start Free Scan →← Back to CVE-2026-38566