CVE Catalog
CVE-2026-35097
MediumCVSS 6.9Summary
The KTM e-BOK system enforces a maximum password length of six numeric digits and does not allow alphabetic, special, or extended characters. This issue was fixed in the patch released in June 2026.
Risk Assessment
The organization is at risk of easy password guessing or cracking, potentially leading to unauthorized access to the system and data.
Recommendation
Apply the June 2026 patch immediately and configure a password policy requiring longer and more complex passwords.
Original NVD description (English source)
KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026.

