{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T13:15:21.362","vulnerabilities":[{"cve":{"id":"CVE-2026-24735","sourceIdentifier":"security@apache.org","published":"2026-02-04T11:16:03.130","lastModified":"2026-02-06T14:40:37.130","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer.\n\nThis issue affects Apache Answer: through 1.7.1.\n\nAn unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or sensitive information.\nUsers are recommended to upgrade to version 2.0.0, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de exposición de Información Personal Privada a un Actor No Autorizado en Apache Answer.\n\nEste problema afecta a Apache Answer: hasta la versión 1.7.1.\n\nUn endpoint de API no autenticado expone incorrectamente el historial completo de revisiones para contenido eliminado. Esto permite a usuarios no autorizados recuperar información restringida o sensible.\nSe recomienda a los usuarios actualizar a la versión 2.0.0, que corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-359"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.0","matchCriteriaId":"532DB4B7-06FB-4580-9FB7-3FF91958AC5C"}]}]}],"references":[{"url":"https://lists.apache.org/thread/whxloom7mpxlyt5wzdskflsg5mzdzd60","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/02/04/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}