CVE-2026-11374 | Zoho ManageEngine ADSelfService Plus generation of predictable numbers or identifiers

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability classified as problematic has been found in Zoho ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus and ADAudit Plus. This affects an unknown function. The manipulation leads to generation of predictable numbers or identifiers.

This vulnerability is referenced as CVE-2026-11374. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-11374 | Zoho ManageEngine ADSelfService Plus generation of predictable numbers or identifiers

Post correlati

CVE-2025-25570 | Vue Vben Admin 2.10.1 hard-coded credentials

CVE-2024-34709 | Directus up to 10.10.x directus_session session expiration

CVE-2025-8119 | Polska Akademia Dostępności PAD CMS up to 1.2.1 cross-site request forgery

VDB-262278 | Google Cloud Platform Security Operations permission