CVE Catalog

CVE-2026-42569

Critical
Published: Translated: NVD NIST

Summary

In phpVMS, a PHP application for simulating airlines, prior to version 7.0.6, a critical vulnerability allowed unauthenticated access to a legacy import feature.

Risk Assessment

Organizations using versions earlier than 7.0.6 are at risk of unauthorized access to data, potentially leading to serious security breaches.

Recommendation

It is recommended to upgrade phpVMS to version 7.0.6 or later to mitigate this vulnerability.

Original NVD description (English source)

phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access to a legacy import feature. This issue has been patched in version 7.0.6.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS