CVE Catalog

CVE-2026-42731

Critical
Published: Translated: NVD NIST

Summary

CVE-2026-42731 describes an incorrect privilege assignment vulnerability in miniOrange OTP Verification that allows privilege escalation. This issue affects versions from n/a through 5.4.9 inclusive.

Risk Assessment

Privilege escalation may lead to unauthorized access to sensitive data or system functions, posing a significant security risk to the organization.

Recommendation

It is recommended to update miniOrange OTP Verification to the latest version to mitigate this vulnerability.

Original NVD description (English source)

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through <= 5.4.9.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS