A vulnerability was found in Milestone Systems XProtect Management Server up to 25.3. It has been classified as very critical. The affected element is an unknown function of the component Management Server API. Performing a manipulation results in permission issues.
This vulnerability is known as CVE-2026-3014. Remote exploitation of the attack is possible. No exploit is available.