CVE-2026-40543 in SOPlanninginformação

Sumário

de MITRE • 01/06/2026

SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacker can directly query backup-related endpoints and retrieve backup archives containing user databases with usernames and password hashes, as well as the config.csv file, which includes additional sensitive information.

This issue affects SOPlanning version 1.55 and below.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

CERT-PL

Reservar

14/04/2026

Divulgação

01/06/2026

Moderação

aceite

Entrada

VDB-367626

CPE

pronto

CWE

CWE-862 (confirmado)

CVSS

5.3 (VulDB)

EPSS

0.00067

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-40543
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-40543
CVE Details	https://www.cvedetails.com/cve/CVE-2026-40543/

◂ Voltar Visão Geral Próximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!