CVE-2026-12060

Summary

Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining unauthorized access to camera and microphone permissions.

Affected Software

VendorProductVersion RangeStatus
Hepta PlatformsHeptabase0 < 1.90.2affected

Weaknesses

  • CWE-749: CWE-749 Exposed dangerous method or function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References