CVE-2026-1433
uniFLOW Universal Login Manager (ULM) Standalone Improper Protection of Sensitive Information Leads to Information Disclosure
CVSS Score
0.0
EPSS Score
0.2%
EPSS Percentile
12th
uniFLOW Universal Login Manager (ULM) Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface (RUI). Exploitation requires administrative privileges and may disclose configuration data associated with SMTP or LDAP integrations. ULM deployments connected to uniFLOW Server or uniFLOW Online are not affected.
| CWE | CWE-522 |
| Vendor | nt-ware |
| Product | uniflow ulm (universal login manager) standalone |
| Published | Jul 6, 2026 |
| Last Updated | Jul 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for nt-ware uniflow ulm (universal login manager) standalone
Be the first to know when new unknown vulnerabilities affecting nt-ware uniflow ulm (universal login manager) standalone are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
NT-ware / uniFLOW ULM (Universal Login Manager) Standalone
0 โค 5.10
References
Credits
๐ Sam Shepherd working with BAE Systems