CVE 8.6 HIGH

Horilla: Unauthorized Document Overwrite via File Upload Endpoint_CVE-2026-40866

April 21, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Description

Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload request. This enables unauthorized modification of HR records.

AI Analysis

Insecure direct object reference vulnerability in Horilla HRMS, allowing unauthorized modification of HR records via the employee document upload endpoint.

Basic Information

ID CVE-2026-40866

Source GitHub_M

Published Apr 21, 2026 at 18:15

Affected Product

Vendor horilla-opensource

Product horilla

Version 1.5.0

Affected Versions horilla-opensource horilla 1.5.0

CWE Classification

CWE-284 CWE-639

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor Horilla Open Source

Product Horilla HRMS

Version 1.5.0

References

github.com /horilla/horilla-hr/security/advisories/GHSA-q2qh-v828-r4p7

{
    "lastseen": "",
    "description": "Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee\u2019s document by changing the document ID in the upload request. This enables unauthorized modification of HR records.",
    "published": "2026-04-21T18:15:30.126Z",
    "modified": "2026-04-21T18:15:30.126Z",
    "type": "cve",
    "title": "Horilla: Unauthorized Document Overwrite via File Upload Endpoint",
    "source": "GitHub_M",
    "references": "https://github.com/horilla/horilla-hr/security/advisories/GHSA-q2qh-v828-r4p7",
    "id": "CVE-2026-40866",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284",
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "horilla-opensource horilla 1.5.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "horilla",
    "version": "1.5.0",
    "vendor": "horilla-opensource",
    "ai_description": "Insecure direct object reference vulnerability in Horilla HRMS, allowing unauthorized modification of HR records via the employee document upload endpoint.",
    "ai_severity": "High",
    "ai_vendor": "Horilla Open Source",
    "ai_product": "Horilla HRMS",
    "ai_version": "1.5.0",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply