CVE-2026-10284 in project-managementinformation

Résumé

par MITRE • 02/06/2026

A flaw has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this vulnerability is the function editComment/doDeleteComment of the file app/Filament/Resources/TicketResource/Pages/ViewTicket.php of the component Livewire Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The project was informed of the problem early through an issue report but has not responded yet.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgation

02/06/2026

Modérer

accepté

Entrée

VDB-367577

CPE

prêt

CWE

CWE-285 (confirmé)

CVSS

5.4 (VulDB)

EPSS

0.00043

KEV

non

Activités

très faible

Secteur

Chemical, Education, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-10284
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-10284
CVE Details	https://www.cvedetails.com/cve/CVE-2026-10284/

◂ Précédent Aperçu Suivant ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!