CVE-2026-39393 | ci4-cms-erp ci4ms 0.28.5.0/0.31.0.0/0.31.2.0 missing authentication (GHSA-8rh5-4mvx-xj7j)

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability described as critical has been identified in ci4-cms-erp ci4ms 0.28.5.0/0.31.0.0/0.31.2.0. Affected is an unknown function. The manipulation results in missing authentication.

This vulnerability is identified as CVE-2026-39393. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-39393 | ci4-cms-erp ci4ms 0.28.5.0/0.31.0.0/0.31.2.0 missing authentication (GHSA-8rh5-4mvx-xj7j)

Post correlati

CVE-2024-3979 | COVESA vsomeip up to 3.4.10 race condition

CVE-2024-24578 | jens-maus RaspberryMatic prior 3.75.6.20240316 path traversal (GHSA-q967-q4j8-637h)

CVE-2025-11661 | ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59 missing authentication

CVE-2025-40887 | Nozomi Guardian/CMC up to 25.1.x Alert sql injection