CVE-2026-3263 | go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118 Security API /api/Security/ improper authorization

A vulnerability, which was classified as critical, has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the component Security API. Performing a manipulation results in improper authorization.

This vulnerability is known as CVE-2026-3263. Remote exploitation of the attack is possible. No exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-3263 | go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118 Security API /api/Security/ improper authorization

Post correlati

CVE-2024-21307 | Microsoft unknown vulnerability

CVE-2025-55368 | jshERP 3.5 RoleController.java access control

CVE-2024-49304 | Pinpoint Booking System Plugin up to 2.9.9.5.1 on WordPress cross-site request forgery

CVE-2024-29272 | VvvebJs up to 1.7.4 save.php sanitizeFileName Remote Code Execution (Issue 343)