CVE-2026-2742 | Vaadin Flow up to 14.14.0/23.6.6/24.9.7/25.0.1 Endpoint /vaadin access control

Inserito da Angelo Barbosa | Mar 10, 2026 | CVE

A vulnerability labeled as critical has been found in Vaadin Flow up to 14.14.0/23.6.6/24.9.7/25.0.1. Affected by this vulnerability is an unknown functionality of the file /vaadin of the component Endpoint. Executing a manipulation can lead to improper access controls.

The identification of this vulnerability is CVE-2026-2742. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-2742 | Vaadin Flow up to 14.14.0/23.6.6/24.9.7/25.0.1 Endpoint /vaadin access control

Post correlati

CVE-2024-6518 | FluentForm Plugin up to 5.1.19 on WordPress cross site scripting

CVE-2024-23189 | Open-Xchange OX App Suite up to 7.10.6-rev40/8.21 Embedded Content cross site scripting (adv-2024-0001)

CVE-2024-11207 | Apereo CAS 6.6 /login redirect_uri

CVE-2026-3803 | Tenda i3 1.0.0.6(2204) /goform/WifiMacFilterGet formWifiMacFilterGet index stack-based overflow