CVE ID :CVE-2026-35383 Published : April 2, 2026, 8:16 p.m. | 1 hour, 3 minutes ago Description :Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete assets. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...