CVE Catalog
CVE-2026-54817
MediumCVSS 6.5Summary
A vulnerability in the FluxBuilder MStore API allows authentication bypass via an alternate path or channel, enabling password recovery exploitation.
Risk Assessment
The organization may be exposed to unauthorized access to user accounts, potentially leading to data loss and privacy breaches.
Recommendation
It is recommended to update the MStore API to the latest version and implement additional security measures for the authentication process.
Original NVD description (English source)
Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4.

