CVE-2026-6375 — A vulnerability in SpiceJet’s booking API allows unauthenticated users to query passenger name records (PNRs) without any access controls. Because PNR identifiers follow a predictable pattern, an atta — CVE Database · The Intelligence Room