What is the CVSS score of CVE-2026-1427?

CVE-2026-1427 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Is there a public PoC exploit available for CVE-2026-1427?

Yes, a public proof-of-concept exploit is available for CVE-2026-1427. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2026-1427?

Within 24 hours: Isolate SSO Portal to restricted network access and enable enhanced logging/monitoring. Within 7 days: Deploy WAF rules to block OS command injection patterns and implement input validation controls. Within 30 days: Develop migration plan to alternative SSO solution or apply patch upon vendor release; conduct forensic audit for unauthorized access.

Single Sign On Portal System CVE-2026-1427

HIGH

OS Command Injection (CWE-78)

2026-01-26 twcert@cert.org.tw

Command Injection Single Sign On Portal System

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:00 vuln.today

CVE Published

Jan 26, 2026 - 08:16 nvd

HIGH 8.8

DescriptionCVE.org

Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

AnalysisAI

The WellChoose Single Sign-On Portal System contains an OS command injection vulnerability that allows authenticated users to execute arbitrary commands on the affected server. An attacker with valid credentials can bypass input validation to inject malicious OS commands, achieving full system compromise with high impact to confidentiality, integrity, and availability. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate to SSO portal

Exploit

Locate command injection input field

Execution

Inject malicious OS command

Impact

Execute arbitrary commands on server

Access

Authenticate to SSO portal

Exploit

Locate command injection input field

Execution

Inject malicious OS command

Impact

Execute arbitrary commands on server

Vulnerability AssessmentAI

Exploitation	Valid authenticated user credentials required for WellChoose Single Sign-On Portal System. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.8 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A remote attacker (requires authentication) could exploit this vulnerability to compromise the affected system.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Isolate SSO Portal to restricted network access and enable enhanced logging/monitoring. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-1427 vulnerability details – vuln.today

Back

Single Sign On Portal System CVE-2026-1427

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code