CVE-2026-9409 in Invoice-System情報

要約

〜によって MITRE • 2026年05月26日

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack remotely. The exploit has been published and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

VulDB

公開

2026年05月26日

モデレーション

承諾済み

エントリ

VDB-365390

CPE

準備完了

CWE

CWE-285 (確認済み)

エクスプロイト

ダウンロード

CVSS

4.3 (VulDB)

EPSS

0.00028

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-9409
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-9409
CVE Details	https://www.cvedetails.com/cve/CVE-2026-9409/

◂ 前概要次 ▸

Do you need the next level of professionalism?

Upgrade your account now!