CVE-2026-5794

UNKNOWN 0.0

Vulnerability in Cryptobox allows an authenticated user to trigger an account lockout

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request.

CWE	CWE-694
Vendor	ercom
Product	cryptobox
Published	Apr 28, 2026

Stay Ahead of the Next One

Get instant alerts for ercom cryptobox

Be the first to know when new unknown vulnerabilities affecting ercom cryptobox are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Ercom / Cryptobox

4.40.175 4.37.237 < 4.38.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

info.cryptobox.com: https://info.cryptobox.com/doc/v4.40/4.40.en/