Is there a public PoC exploit available for CVE-2026-2668?

Yes, a public proof-of-concept exploit is available for CVE-2026-2668. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-2668?

Within 24 hours: inventory all Visual Integrated Command And Dispatch Platform deployments and restrict network access to trusted users only. Within 7 days: implement compensating controls (WAF rules, network segmentation, feature disablement) and establish daily monitoring for exploitation attempts. Within 30 days: evaluate upgrade path to patched versions when available and conduct forensic review for breach indicators.

Visual Integrated Command And Dispatch Platform CVE-2026-2668

Q: What is the CVSS score of CVE-2026-2668?

CVE-2026-2668 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

Q: Which versions of Visual Integrated Command And Dispatch Platform are affected by CVE-2026-2668?

A high-severity vulnerability (CVSS 7.3) affects Visual Integrated Command And Dispatch Platform versions up to 20260206, with public exploits already available.

MEDIUM

Incorrect Privilege Assignment (CWE-266)

2026-02-18 cna@vuldb.com

Information Disclosure Visual Integrated Command And Dispatch Platform

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:11 NVD

HIGH MEDIUM

CVSS changed

Apr 29, 2026 - 01:11 NVD

7.3 (HIGH) 5.5 (MEDIUM)

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 26, 2026 - 20:31 vuln.today

Public exploit code

CVE Published

Feb 18, 2026 - 21:16 nvd

HIGH 7.3

DescriptionCVE.org

A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This affects an unknown function of the file /dm/dispatch/user/add of the component User Handler. The manipulation results in improper access controls. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Visual Integrated Command And Dispatch Platform versions up to 20260206. contains a security vulnerability (CVSS 7.3).

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Send HTTP request to /dm/dispatch/user/add endpoint

Delivery

Bypass authentication checks

Exploit

Manipulate user creation parameters

Execution

Create unauthorized admin account

Impact

Gain platform access