A vulnerability labeled as problematic has been found in CAXperts UPVWebServices and UDiTH Portal up to 2.4.2212.603/2.7.6/2026.0.0/2026.2.0. This affects an unknown function of the component Administrative API Endpoint. Executing a manipulation can lead to missing authorization.
The identification of this vulnerability is CVE-2026-35552. The attack may be launched remotely. There is no exploit available.