CYBERHAWK / CVE / CVE-2026-39910

CVE-2026-39910

CRITICAL CVSS 9.8 other

The flaw

STACKIT IaaS API contains a missing authorization check vulnerability that allows authenticated, low-privileged attackers to escalate privileges to full organization compromise by attaching arbitrary service accounts to virtual machines the

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-39910

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits