CVE-2026-35552
CVSS Score
8.1
EPSS Score
0.2%
EPSS Percentile
10th
In CAXperts UPVWebServices 2.4.2212.603 through 2.7.6 and UDiTH Portal 2026.0.0 through 2026.2.0, an authenticated remote user can invoke an administrative API endpoint intended for privileged users. Due to missing authorization checks, this allows the attacker to deactivate the application's license.
| Vendor | n/a |
| Product | n/a |
| Published | Jul 8, 2026 |
| Last Updated | Jul 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new high vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a