CVE Catalog

CVE-2026-10711

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Summary

CafePlus has a vulnerability related to missing authentication for a critical function, allowing access to functionality not properly constrained by access control lists (ACLs). This issue affects versions from 12.05.03 before 12.05.04.

Risk Assessment

The lack of proper access restrictions may lead to unauthorized access to sensitive functions, posing a serious threat to the organization's data security.

Recommendation

It is recommended to update CafePlus to version 12.05.04 or later to mitigate this vulnerability and implement appropriate authentication mechanisms.

Original NVD description (English source)

Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS