Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through 6.6.0. This vulnerability allows an attacker to perform a secondary process injection into the Lunar application and abuse those rights to access sensitive user information.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.