A vulnerability identified as critical has been detected in DeepMyst Mysti 0.4.0 . Affected is the function _isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking . This manipulation of the argument _channelType causes improper authorization. This vulnerability appears as CVE-2026-13591 . The attack may be initiated remotely. In addition, an exploit is available. It is suggested to install a patch to address this issue.