CVE-2026-2676
GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization
CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th
A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.
| CWE | CWE-285 CWE-266 |
| Vendor | googtech |
| Product | sms-ssm |
| Published | Feb 18, 2026 |
| Last Updated | Feb 23, 2026 |
Stay Ahead of the Next One
Get instant alerts for googtech sms-ssm
Be the first to know when new medium vulnerabilities affecting googtech sms-ssm are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
GoogTech / sms-ssm
e8534c766fd13f5f94c01dab475d75f286918a8d
References
vuldb.com: https://vuldb.com/?id.346469 vuldb.com: https://vuldb.com/?ctiid.346469 vuldb.com: https://vuldb.com/?submit.749702 github.com: https://github.com/GoogTech/sms-ssm/issues/27 github.com: https://github.com/GoogTech/sms-ssm/issues/27#issuecomment-3828063958 github.com: https://github.com/GoogTech/sms-ssm/issues/27#issue-3878817166 github.com: https://github.com/GoogTech/sms-ssm/
Credits
๐ Jszdk (VulDB User)