CVE-2026-39393 | ci4-cms-erp ci4ms 0.28.5.0/0.31.0.0/0.31.2.0 missing authentication (GHSA-8rh5-4mvx-xj7j)

A vulnerability described as critical has been identified in ci4-cms-erp ci4ms 0.28.5.0/0.31.0.0/0.31.2.0. Affected is an unknown function. The manipulation results in missing authentication.

This vulnerability is identified as CVE-2026-39393. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.