CVE-2026-25197: CWE-639 in Gardyn Cloud API This vulnerability in the Gardyn Cloud API allows authenticated users to bypass access controls by altering the ID number in an API call, enabling unauthorized access to other users' profiles. It is classified as CWE-639, which involves aut

Gardyn Cloud API CRITICAL flaw: Authenticated users can access other profiles by changing the ID parameter. No fix yet — restrict endpoint access & monitor for misuse. radar.offseq.com/threat/cve-2026-25197-cw... #OffSeq #APIsecurity #CVE202625197