CVE Catalog

CVE-2026-14161

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

Hospital Quening Management by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

Risk Assessment

The risk involves potential leakage of technical API details, which could enable attackers to further exploit the system or steal patient data.

Recommendation

Immediately restrict access to the API documentation via authentication or remove it from publicly accessible resources, and implement access control mechanisms.

Original NVD description (English source)

Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS