CVE-2026-42735
HighSummary
An authentication bypass vulnerability in the KiviCare clinic management system allows for password recovery exploitation. This issue affects KiviCare from n/a through version 4.3.0.
Risk Assessment
The organization may be exposed to unauthorized access to user accounts, potentially leading to data breaches or other serious security incidents.
Recommendation
It is recommended to update the KiviCare system to the latest version to mitigate this vulnerability and implement additional security measures to protect user data.
Original NVD description (English source)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through <= 4.3.0.

