Medium CVE-2026-10597 OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address. CVSS: 5.3 · CWE: CWE-639 View on NVD