This vulnerability (CWE-862) in Arconix FAQ allows unauthorized users to access certain functions due to missing authorization checks. The affected versions include all versions up to 1.9.4. The CVSS 3.1 base score is 5.3, reflecting network attack vector, low attack complexity, no privileges required, no user interaction, unchanged scope, no confidentiality impact, low integrity impact, and no availability impact. No patch or official fix has been announced, and no known exploits have been observed.

The vulnerability allows unauthorized access to functionality that should be restricted, potentially leading to integrity issues within the affected application. There is no impact on confidentiality or availability. Since no exploits are known, the immediate risk appears limited but could increase if exploitation techniques emerge.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should monitor official Tyche Softwares communications for updates. No vendor-provided mitigation or temporary fix is currently documented.