CVE 9.2 CRITICAL

Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7166

June 22, 2026 invoker category_cve

9.2 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Description

Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on minors and municipal users. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to gain access to sensitive information and data.

AI Analysis

Exposure of sensitive data due to inadequate protection, allowing unauthenticated remote attackers to access sensitive information.

Basic Information

ID CVE-2026-7166

Source INCIBE

Published Jun 22, 2026 at 12:47

Affected Product

Vendor Gaudire

Product Assassin game

Version last version

Affected Versions Gaudire Assassin game last version

CWE Classification

CWE-200

AI Assessment

AI Score 9.2 / 10

AI Severity Critical

Vendor Gaudire

Product Assassin game

Version last version

References

www.incibe.es /en/incibe-cert/notices/aviso/multiple-vulnerabilities-assassin-game-gaudire

{
    "lastseen": "",
    "description": "Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the \u2018email\u2019 and \u2018telefon\u2019 fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on minors and municipal users. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to gain access to sensitive information and data.",
    "published": "2026-06-22T12:47:47.703Z",
    "modified": "2026-06-22T12:47:47.703Z",
    "type": "cve",
    "title": "Multiple vulnerabilities in the Assassin game by Gaudire",
    "source": "INCIBE",
    "references": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-assassin-game-gaudire",
    "id": "CVE-2026-7166",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "Gaudire Assassin game last version",
    "sourceHref": "",
    "cvss": {
        "score": 9.2,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Assassin game",
    "version": "last version",
    "vendor": "Gaudire",
    "ai_description": "Exposure of sensitive data due to inadequate protection, allowing unauthenticated remote attackers to access sensitive information.",
    "ai_severity": "Critical",
    "ai_vendor": "Gaudire",
    "ai_product": "Assassin game",
    "ai_version": "last version",
    "ai_score": 9.2
}

💭 Join the Security Discussion ❌ Cancel Reply