#gardyn
2 articles
Security Alerts Apr 3, 2026
CVE-2026-25197: IDOR in Gardyn user profile API
A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call....
Security Alerts Apr 3, 2026
CVE-2026-28766: Unauthenticated user account disclosure in Gardyn
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication....