What is GHSA-qvr5-4jwr-6hcv?

GHSA-qvr5-4jwr-6hcv is a security advisory published by GitHub Security Advisories with Critical severity. Vulnerability involving the exposure of sensitive data provided without adequate protection. The...

Which CVE IDs does GHSA-qvr5-4jwr-6hcv cover?

GHSA-qvr5-4jwr-6hcv covers the following CVE IDs: CVE-2026-7166. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-qvr5-4jwr-6hcvCritical

Vulnerability involving the exposure of sensitive data provided without adequate protection. The...

Vendor

GitHub Security Advisories

Published

June 22, 2026

Last Modified

June 22, 2026

🔗 CVE IDs covered (1)

CVE-2026-7166 →

📋 Description

Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on minors and municipal users. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to gain access to sensitive information and data.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-7166
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-assassin-game-gaudire
https://github.com/advisories/GHSA-qvr5-4jwr-6hcv