CVE-2026-2676 | GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d API Interface LoginInterceptor.java preHandle improper authorization (Issue 27)

A vulnerability labeled as critical has been found in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization.

This vulnerability appears as CVE-2026-2676. The attack may be performed from remote. In addition, an exploit is available.

This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.

CVE-2026-2676 | GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d API Interface LoginInterceptor.java preHandle improper authorization (Issue 27)

Post correlati

CVE-2023-38293 | Nokia C100/C200 command injection

CVE-2024-13646 | aakashbhagat23 Single-user-chat Plugin up to 0.5 on WordPress Login single_user_chat_update_login improper authorization

CVE-2023-53512 | Linux Kernel up to 5.10.172/5.15.98/6.1.15/6.2.2 scsi kfree memory leak

CVE-2025-67737 | AzuraCast up to 0.23.1 API Endpoint authorization (GHSA-9449-rphm-mjqr)