CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CVE-2026-7723 (GCVE-0-2026-7723)
Vulnerability from cvelistv5 – Published: 2026-05-04 02:30 – Updated: 2026-05-04 21:17 – X_Open Source

| URL | Tags |
|---|---|
| https://vuldb.com/vuln/360899 | vdb-entry |
| https://vuldb.com/vuln/360899/cti | signature, permissions-required |
| https://vuldb.com/submit/807256 | third-party-advisory |
| https://gist.github.com/nedlir/f1ab8aa038aafbcc6b… | exploit |
| https://github.com/PrefectHQ/prefect/pull/20372 | issue-tracking, patch |
| https://github.com/PrefectHQ/prefect/commit/f8afe… | patch |
| https://github.com/PrefectHQ/prefect/releases/tag… | patch |
| https://github.com/PrefectHQ/prefect/ | product |

| Vendor | Product | Version |
|---|---|---|
| PrefectHQ | prefect | Affected: 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.6.10, 3.6.11, 3.6.12, 3.6.13; Unaffected: 3.6.14 (cpe:2.3:a:prefect:prefect:*:*:*:*:*:*:*:*) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7723",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T11:33:53.101447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T11:34:08.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:prefect:prefect:*:*:*:*:*:*:*:*"
],
"modules": [
"WebSocket Endpoint"
],
"product": "prefect",
"vendor": "PrefectHQ",
"versions": [
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.6.4"
},
{
"status": "affected",
"version": "3.6.5"
},
{
"status": "affected",
"version": "3.6.6"
},
{
"status": "affected",
"version": "3.6.7"
},
{
"status": "affected",
"version": "3.6.8"
},
{
"status": "affected",
"version": "3.6.9"
},
{
"status": "affected",
"version": "3.6.10"
},
{
"status": "affected",
"version": "3.6.11"
},
{
"status": "affected",
"version": "3.6.12"
},
{
"status": "affected",
"version": "3.6.13"
},
{
"status": "unaffected",
"version": "3.6.14"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "nedlir (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 3.6.14 is able to address this issue. This patch is called f8afecadf88ea5f73694dafa3a365b9d8fae1ad6. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T21:17:54.417Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-360899 | PrefectHQ prefect WebSocket Endpoint in missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/360899"
},
{
"name": "VDB-360899 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/360899/cti"
},
{
"name": "Submit #807256 | PerfectHQ Perfect \u003c=3.6.13 Missing Critical Step in Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/807256"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/nedlir/f1ab8aa038aafbcc6beeef21fab1d74f"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/PrefectHQ/prefect/pull/20372"
},
{
"tags": [
"patch"
],
"url": "https://github.com/PrefectHQ/prefect/commit/f8afecadf88ea5f73694dafa3a365b9d8fae1ad6"
},
{
"tags": [
"patch"
],
"url": "https://github.com/PrefectHQ/prefect/releases/tag/3.6.14"
},
{
"tags": [
"product"
],
"url": "https://github.com/PrefectHQ/prefect/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-04T23:22:28.000Z",
"value": "VulDB entry last update"
}
],
"title": "PrefectHQ prefect WebSocket Endpoint in missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7723",
"datePublished": "2026-05-04T02:30:18.099Z",
"dateReserved": "2026-05-03T09:18:16.724Z",
"dateUpdated": "2026-05-04T21:17:54.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7844 (GCVE-0-2026-7844)
Vulnerability from cvelistv5 – Published: 2026-05-05 15:00 – Updated: 2026-05-06 14:16

| URL | Tags |
|---|---|
| https://vuldb.com/vuln/361123 | vdb-entry, technical-description |
| https://vuldb.com/vuln/361123/cti | signature, permissions-required |
| https://vuldb.com/submit/807790 | third-party-advisory |
| https://github.com/chatchat-space/Langchain-Chatc… | issue-tracking |
| https://github.com/3em0/cve_repo/blob/main/Langch… | exploit |
| https://github.com/chatchat-space/Langchain-Chatchat/ | product |

| Vendor | Product | Version |
|---|---|---|
| chatchat-space | Langchain-Chatchat | Affected: 0.3.1.0, 0.3.1.1, 0.3.1.2, 0.3.1.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7844",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T14:16:11.330952Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T14:16:25.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Compatible File Service"
],
"product": "Langchain-Chatchat",
"vendor": "chatchat-space",
"versions": [
{
"status": "affected",
"version": "0.3.1.0"
},
{
"status": "affected",
"version": "0.3.1.1"
},
{
"status": "affected",
"version": "0.3.1.2"
},
{
"status": "affected",
"version": "0.3.1.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem00 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list_files/retrieve_file/retrieve_file_content/delete_file of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Compatible File Service. The manipulation results in missing authentication. The attacker must have access to the local network to execute the attack. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T15:00:13.227Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-361123 | chatchat-space Langchain-Chatchat Compatible File Service openai_routes.py delete_file missing authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/361123"
},
{
"name": "VDB-361123 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/361123/cti"
},
{
"name": "Submit #807790 | chatchat-space Langchain-Chatchat 0.3.1.3 Missing Authorization / CWE-862",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/807790"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/issues/5465"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-4-Missing-Auth-File-Endpoints.md"
},
{
"tags": [
"product"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-05T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-05T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-05T12:26:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "chatchat-space Langchain-Chatchat Compatible File Service openai_routes.py delete_file missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7844",
"datePublished": "2026-05-05T15:00:13.227Z",
"dateReserved": "2026-05-05T10:20:48.141Z",
"dateUpdated": "2026-05-06T14:16:25.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7876 (GCVE-0-2026-7876)
Vulnerability from cvelistv5 – Published: 2026-05-27 13:56 – Updated: 2026-05-28 14:21
- CWE-287 - Improper Authentication

| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7274127 | vendor-advisory, patch |

| Vendor | Product | Version |
|---|---|---|
| IBM | Aspera HSTS for CP4I | Affected: 1.5.1 through ≤ 1.5.19 (semver); cpe:2.3:a:ibm:aspera_hsts_for_cp4i:1.5.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:aspera_hsts_for_cp4i:1.5.19:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-7876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T14:21:36.215142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T14:21:59.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:aspera_hsts_for_cp4i:1.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:aspera_hsts_for_cp4i:1.5.19:*:*:*:*:*:*:*"
],
"product": "Aspera HSTS for CP4I",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "1.5.19",
"status": "affected",
"version": "1.5.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "The vulnerabilities were reported to IBM by Yannik Marchand."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Aspera HSTS for CP4I 1.5.1 through 1.5.19\u003c/p\u003e"
}
],
"value": "IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T13:56:16.166Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7274127"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eProduct(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eVRMF\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eRemediation/First Fix\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)\u003c/td\u003e\u003ctd\u003e1.5.20\u003c/td\u003e\u003ctd\u003e-\u0026nbsp;Access your charts to get the latest version\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e"
}
],
"value": "Product(s)VRMFRemediation/First FixIBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)1.5.20-\u00a0Access your charts to get the latest version"
}
],
"title": "Authentication bypass vulnerability found in Aspera High-Speed Transfer Server for Cloud Pak for Integration",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-7876",
"datePublished": "2026-05-27T13:56:16.166Z",
"dateReserved": "2026-05-05T16:12:39.223Z",
"dateUpdated": "2026-05-28T14:21:59.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8031 (GCVE-0-2026-8031)
Vulnerability from cvelistv5 – Published: 2026-05-06 18:00 – Updated: 2026-05-06 18:37

| URL | Tags |
|---|---|
| https://vuldb.com/vuln/361357 | vdb-entry |
| https://vuldb.com/vuln/361357/cti | signature, permissions-required |
| https://vuldb.com/submit/800781 | third-party-advisory |
| https://docs.google.com/document/d/1FByC9x21c5503… | exploit |

| Vendor | Product | Version |
|---|---|---|
| PicoTronica | e-Clinic Healthcare System ECHS | Affected: 5.7; Unaffected: 5.7.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8031",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T18:36:57.395325Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T18:37:26.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"API Endpoint"
],
"product": "e-Clinic Healthcare System ECHS",
"vendor": "PicoTronica",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"status": "unaffected",
"version": "5.7.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7. The affected element is an unknown function of the file /cdemos/echs/api/v2/patient-records of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 5.7.1 is sufficient to fix this issue. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T18:00:18.864Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-361357 | PicoTronica e-Clinic Healthcare System ECHS API Endpoint patient-records missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/361357"
},
{
"name": "VDB-361357 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/361357/cti"
},
{
"name": "Submit #800781 | PicoTronica e-Clinic Healthcare System (ECHS) v5.7 Exposure of Private Personal Information to an Unauthorized Acto",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/800781"
},
{
"tags": [
"exploit"
],
"url": "https://docs.google.com/document/d/1FByC9x21c5503cQg6lkxjffIwWlEAHtHi_83vk2eUdk/edit?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-06T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-06T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-06T14:22:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "PicoTronica e-Clinic Healthcare System ECHS API Endpoint patient-records missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8031",
"datePublished": "2026-05-06T18:00:18.864Z",
"dateReserved": "2026-05-06T12:17:10.551Z",
"dateUpdated": "2026-05-06T18:37:26.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8181 (GCVE-0-2026-8181)
Vulnerability from cvelistv5 – Published: 2026-05-14 05:30 – Updated: 2026-05-14 10:46
- CWE-287 - Improper Authentication

| Vendor | Product | Version |
|---|---|---|
| burstbv | Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) | Affected: 3.4.0 through ≤ 3.4.1.1 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-14T10:38:46.502886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T10:46:32.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Burst Statistics \u2013 Privacy-Friendly WordPress Analytics (Google Analytics Alternative)",
"vendor": "burstbv",
"versions": [
{
"lessThanOrEqual": "3.4.1.1",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Burst Statistics \u2013 Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. This is due to incorrect return-value handling in the `is_mainwp_authenticated()` function when validating application passwords from the Authorization header. This makes it possible for unauthenticated attackers, with knowledge of an administrator username, to impersonate that administrator for the duration of the request by supplying any random Basic Authentication password achieving privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T05:30:29.145Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ca830d6-3d3c-4026-85cd-8447b8a568d3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/tags/3.4.1.1/includes/Frontend/class-mainwp-proxy.php#L336"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/includes/Frontend/class-mainwp-proxy.php#L336"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/includes/Frontend/class-mainwp-proxy.php#L328"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/tags/3.4.1.1/includes/Frontend/class-mainwp-proxy.php#L328"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/includes/Frontend/class-mainwp-proxy.php#L314"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/tags/3.4.1.1/includes/Frontend/class-mainwp-proxy.php#L314"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/includes/Traits/trait-admin-helper.php#L205"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/tags/3.4.1.1/includes/Traits/trait-admin-helper.php#L205"
},
{
"url": "https://github.com/Burst-Statistics/burst-statistics/blob/2488d3fa54045e7e5342b0445b9f6b5eaac9ea7c/includes/Frontend/class-mainwp-proxy.php#L385"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-11T14:17:08.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-05-13T16:44:16.000Z",
"value": "Disclosed"
}
],
"title": "Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-8181",
"datePublished": "2026-05-14T05:30:29.145Z",
"dateReserved": "2026-05-08T16:24:21.656Z",
"dateUpdated": "2026-05-14T10:46:32.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8185 (GCVE-0-2026-8185)
Vulnerability from cvelistv5 – Published: 2026-05-09 10:15 – Updated: 2026-05-12 02:25

| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362337 | vdb-entry |
| https://vuldb.com/vuln/362337/cti | signature, permissions-required |
| https://vuldb.com/submit/793588 | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T02:24:55.623811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T02:25:06.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Administrative Interface"
],
"product": "CM933",
"vendor": "UGREEN",
"versions": [
{
"status": "affected",
"version": "1.1.59.4319"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0xd0 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authentication. The attack requires being on the local network. You should upgrade the affected component. The vendor replied: \"We have successfully confirmed and reproduced the issue. We take this matter very seriously and have incorporated the fix into our development schedule. The issue is scheduled to be resolved in the release version coming in late April.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-09T10:15:09.364Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362337 | UGREEN CM933 Administrative missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/362337"
},
{
"name": "VDB-362337 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362337/cti"
},
{
"name": "Submit #793588 | UGREEN CM933 Managed Network Switch 1.1.59.4319 CWE-306: Missing Authentication for Critical Function",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/793588"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-08T21:45:34.000Z",
"value": "VulDB entry last update"
}
],
"title": "UGREEN CM933 Administrative missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8185",
"datePublished": "2026-05-09T10:15:09.364Z",
"dateReserved": "2026-05-08T19:40:30.733Z",
"dateUpdated": "2026-05-12T02:25:06.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8214 (GCVE-0-2026-8214)
Vulnerability from cvelistv5 – Published: 2026-05-10 00:15 – Updated: 2026-05-11 15:03
- CWE-287 - Improper Authentication

| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362431 | vdb-entry, technical-description |
| https://vuldb.com/vuln/362431/cti | signature, permissions-required |
| https://vuldb.com/submit/808238 | third-party-advisory |
| https://hawktrace.com/blog/caniaserp/ | related |
| https://gist.github.com/0xb1lal/3ef872a445310c586… | broken-link, exploit |

| Vendor | Product | Version |
|---|---|---|
| Industrial Application Software IAS | Canias ERP | Affected: 8.03 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8214",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T15:03:04.373468Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T15:03:51.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"RMI Interface"
],
"product": "Canias ERP",
"vendor": "Industrial Application Software IAS",
"versions": [
{
"status": "affected",
"version": "8.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bilal G\u00fcne\u015f (HawkTrace)"
},
{
"lang": "en",
"type": "reporter",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:09:42.239Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362431 | Industrial Application Software IAS Canias ERP RMI doAction improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/362431"
},
{
"name": "VDB-362431 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362431/cti"
},
{
"name": "Submit #808238 | Industrial Application Software - IAS Canias ERP 8.03-- Information Disclosure",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/808238"
},
{
"tags": [
"related"
],
"url": "https://hawktrace.com/blog/caniaserp/"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://gist.github.com/0xb1lal/3ef872a445310c5866d07d6a5b1803fa"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-11T15:09:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "Industrial Application Software IAS Canias ERP RMI doAction improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8214",
"datePublished": "2026-05-10T00:15:09.439Z",
"dateReserved": "2026-05-09T07:19:30.371Z",
"dateUpdated": "2026-05-11T15:03:51.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8216 (GCVE-0-2026-8216)
Vulnerability from cvelistv5 – Published: 2026-05-10 01:00 – Updated: 2026-05-12 02:30 – CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362433 | vdb-entry, technical-description |
| https://vuldb.com/vuln/362433/cti | signature, permissions-required |
| https://vuldb.com/submit/808244 | third-party-advisory |
| https://hawktrace.com/blog/caniaserp | related |

| Vendor | Product | Version | CPE |
|---|---|---|---|
| Industrial Application Software IAS | Canias ERP | Affected: 8.03 | |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8216",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T02:30:40.313403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T02:30:50.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Java RMI Session Management"
],
"product": "Canias ERP",
"vendor": "Industrial Application Software IAS",
"versions": [
{
"status": "affected",
"version": "8.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bilal G\u00fcne\u015f (HawkTrace)"
},
{
"lang": "en",
"type": "reporter",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:X",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:X",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:ND",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:09:53.538Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362433 | Industrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/362433"
},
{
"name": "VDB-362433 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362433/cti"
},
{
"name": "Submit #808244 | Industrial Application Software - IAS Canias ERP 8.03-- Improper Authentication (CWE-287)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/808244"
},
{
"tags": [
"related"
],
"url": "https://hawktrace.com/blog/caniaserp"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-11T15:13:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "Industrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8216",
"datePublished": "2026-05-10T01:00:11.633Z",
"dateReserved": "2026-05-09T07:19:37.329Z",
"dateUpdated": "2026-05-12T02:30:50.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8244 (GCVE-0-2026-8244)
Vulnerability from cvelistv5 – Published: 2026-05-10 09:15 – Updated: 2026-05-18 13:52 – CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362460 | vdb-entry, technical-description |
| https://vuldb.com/vuln/362460/cti | signature, permissions-required |
| https://vuldb.com/submit/808326 | third-party-advisory |
| https://hawktrace.com/blog/caniaserp | related |
| https://gist.github.com/0xb1lal/758bbc5e4d82efea2… | broken-link, exploit |

| Vendor | Product | Version | CPE |
|---|---|---|---|
| Industrial Application Software IAS | Canias ERP | Affected: 8.03 | cpe:2.3:a:industrial_application_software_ias:canias_erp:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8244",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T16:54:22.733665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T16:54:43.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:industrial_application_software_ias:canias_erp:*:*:*:*:*:*:*:*"
],
"modules": [
"Login RMI Interface"
],
"product": "Canias ERP",
"vendor": "Industrial Application Software IAS",
"versions": [
{
"status": "affected",
"version": "8.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bilal G\u00fcne\u015f (HawkTrace)"
},
{
"lang": "en",
"type": "reporter",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "b1lal (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-18T13:52:19.031Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362460 | Industrial Application Software IAS Canias ERP Login RMI improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/362460"
},
{
"name": "VDB-362460 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362460/cti"
},
{
"name": "Submit #808326 | Industrial Application Software - IAS Canias ERP 8.03-- Improper Authentication (CWE-287), (CWE-200)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/808326"
},
{
"tags": [
"related"
],
"url": "https://hawktrace.com/blog/caniaserp"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://gist.github.com/0xb1lal/758bbc5e4d82efea248e675da934ac69"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-18T15:54:18.000Z",
"value": "VulDB entry last update"
}
],
"title": "Industrial Application Software IAS Canias ERP Login RMI improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8244",
"datePublished": "2026-05-10T09:15:07.438Z",
"dateReserved": "2026-05-09T16:33:18.602Z",
"dateUpdated": "2026-05-18T13:52:19.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8305 (GCVE-0-2026-8305)
Vulnerability from cvelistv5 – Published: 2026-05-11 16:30 – Updated: 2026-05-11 18:26 – x_open-source – CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/362590 | vdb-entry, technical-description |
| https://vuldb.com/vuln/362590/cti | signature, permissions-required |
| https://vuldb.com/submit/809371 | third-party-advisory |
| https://github.com/openclaw/openclaw/issues/13786 | issue-tracking |
| https://github.com/openclaw/openclaw/pull/13787 | issue-tracking, patch |
| https://github.com/Dave-gilmore-aus/security-advi… | exploit |
| https://github.com/openclaw/openclaw/commit/a6653… | patch |
| https://github.com/openclaw/openclaw/releases/tag… | patch |
| https://github.com/openclaw/openclaw/ | product |

| Vendor | Product | Version | CPE |
|---|---|---|---|
| n/a | OpenClaw | Affected: 2026.1.0, 2026.1.1, 2026.1.2, 2026.1.3, 2026.1.4, 2026.1.5, 2026.1.6, 2026.1.7, 2026.1.8, 2026.1.9, 2026.1.10, 2026.1.11, 2026.1.12, 2026.1.13, 2026.1.14, 2026.1.15, 2026.1.16, 2026.1.17, 2026.1.18, 2026.1.19, 2026.1.20, 2026.1.21, 2026.1.22, 2026.1.23, 2026.1.24; Unaffected: 2026.2.12 | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8305",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T18:25:58.820819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T18:26:10.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*"
],
"modules": [
"bluebubbles Webhook"
],
"product": "OpenClaw",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2026.1.0"
},
{
"status": "affected",
"version": "2026.1.1"
},
{
"status": "affected",
"version": "2026.1.2"
},
{
"status": "affected",
"version": "2026.1.3"
},
{
"status": "affected",
"version": "2026.1.4"
},
{
"status": "affected",
"version": "2026.1.5"
},
{
"status": "affected",
"version": "2026.1.6"
},
{
"status": "affected",
"version": "2026.1.7"
},
{
"status": "affected",
"version": "2026.1.8"
},
{
"status": "affected",
"version": "2026.1.9"
},
{
"status": "affected",
"version": "2026.1.10"
},
{
"status": "affected",
"version": "2026.1.11"
},
{
"status": "affected",
"version": "2026.1.12"
},
{
"status": "affected",
"version": "2026.1.13"
},
{
"status": "affected",
"version": "2026.1.14"
},
{
"status": "affected",
"version": "2026.1.15"
},
{
"status": "affected",
"version": "2026.1.16"
},
{
"status": "affected",
"version": "2026.1.17"
},
{
"status": "affected",
"version": "2026.1.18"
},
{
"status": "affected",
"version": "2026.1.19"
},
{
"status": "affected",
"version": "2026.1.20"
},
{
"status": "affected",
"version": "2026.1.21"
},
{
"status": "affected",
"version": "2026.1.22"
},
{
"status": "affected",
"version": "2026.1.23"
},
{
"status": "affected",
"version": "2026.1.24"
},
{
"status": "unaffected",
"version": "2026.2.12"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "davidgilmore (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component bluebubbles Webhook. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 2026.2.12 is sufficient to resolve this issue. The patch is named a6653be0265f1f02b9de46c06f52ea7c81a836e6. The affected component should be upgraded."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T16:30:14.666Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-362590 | OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/362590"
},
{
"name": "VDB-362590 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/362590/cti"
},
{
"name": "Submit #809371 | OpenClaw (formally ClawdBot) openclaw 2026.1.24 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/809371"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/openclaw/openclaw/issues/13786"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/openclaw/openclaw/pull/13787"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Dave-gilmore-aus/security-advisories/blob/main/ClawdBot(aka%20OpenClaw)-Auth-Bypass-SSRF"
},
{
"tags": [
"patch"
],
"url": "https://github.com/openclaw/openclaw/commit/a6653be0265f1f02b9de46c06f52ea7c81a836e6"
},
{
"tags": [
"patch"
],
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.12"
},
{
"tags": [
"product"
],
"url": "https://github.com/openclaw/openclaw/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-11T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-11T13:42:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8305",
"datePublished": "2026-05-11T16:30:14.666Z",
"dateReserved": "2026-05-11T11:37:27.843Z",
"dateUpdated": "2026-05-11T18:26:10.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
CAPEC-114: Authentication Abuse
An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker.
CAPEC-115: Authentication Bypass
An attacker gains access to application, service, or device with the privileges of an authorized or privileged user by evading or circumventing an authentication mechanism. The attacker is therefore able to access protected data without authentication ever having taken place.
CAPEC-151: Identity Spoofing
Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principal or use stolen / spoofed authentication credentials.
CAPEC-194: Fake the Source of Data
An adversary takes advantage of improper authentication to provide data or services under a falsified identity. The purpose of using the falsified identity may be to prevent traceability of the provided data or to assume the rights granted to another individual. One of the simplest forms of this attack would be the creation of an email message with a modified "From" field in order to appear that the message was sent from someone other than the actual sender. The root of the attack (in this case the email system) fails to properly authenticate the source and this results in the reader incorrectly performing the instructed action. Results of the attack vary depending on the details of the attack, but common results include privilege escalation, obfuscation of other attacks, and data corruption/manipulation.
CAPEC-22: Exploiting Trust in Client
An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
CAPEC-57: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
This attack utilizes a REST (REpresentational State Transfer)-style application's trust in the system resources and environment to obtain sensitive data once SSL is terminated.
CAPEC-593: Session Hijacking
This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to steal or manipulate an active session and use it to gain unauthorized access to the application.
CAPEC-633: Token Impersonation
An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.
CAPEC-650: Upload a Web Shell to a Web Server
By exploiting insufficient permissions, it is possible to upload a web shell to a web server in such a way that it can be executed remotely. This shell can have various capabilities, thereby acting as a "gateway" to the underlying web server. The shell might execute at the higher permission level of the web server, providing the ability to execute malicious code at elevated levels.
CAPEC-94: Adversary in the Middle (AiTM)
An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components.