{"uuid": "4bbee15b-0f55-4b16-96c6-6cd24dc1818b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54103", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116772804679530962", "content": "lol. lmao.\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-54103\n\nThe U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could change an arbitrary user's password.", "creation_timestamp": "2026-06-18T19:39:55.838549Z"}