CVE Catalog

CVE-2026-54817

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in the FluxBuilder MStore API allows authentication bypass via an alternate path or channel, enabling password recovery exploitation.

Risk Assessment

The organization may be exposed to unauthorized access to user accounts, potentially leading to data loss and privacy breaches.

Recommendation

It is recommended to update the MStore API to the latest version and implement additional security measures for the authentication process.

Original NVD description (English source)

Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS