๐Ÿ” CVE Alert

CVE-2026-35552

HIGH 8.1
CVSS Score
8.1
EPSS Score
0.2%
EPSS Percentile
10th

In CAXperts UPVWebServices 2.4.2212.603 through 2.7.6 and UDiTH Portal 2026.0.0 through 2026.2.0, an authenticated remote user can invoke an administrative API endpoint intended for privileged users. Due to missing authorization checks, this allows the attacker to deactivate the application's license.

Vendor n/a
Product n/a
Published Jul 8, 2026
Last Updated Jul 9, 2026
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new high vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
caxperts.com: https://caxperts.com github.com: https://github.com/caxperts/security-advisories/blob/main/2026/CAXSEC-2026-001_portal.md