What is the CVSS score of CVE-2026-31798?

CVE-2026-31798 has a CVSS 3.1 base score of 5.0 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L. EPSS exploitation probability: 0.0%.

Which versions of Jumpserver are affected by CVE-2026-31798?

Organizations using JumpServer should be aware of moderate risk from CVE-2026-31798 rated CVSS 5.0. Exploitation could compromise the security of affected deployments.. A patch is available.

Jumpserver CVE-2026-31798

EUVD-2026-12081 MEDIUM

Improper Certificate Validation (CWE-295)

2026-03-13 GitHub_M

Information Disclosure Jumpserver

5.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

4.10.16-lts

EUVD ID Assigned

Mar 13, 2026 - 20:00 euvd

EUVD-2026-12081

Analysis Generated

Mar 13, 2026 - 20:00 vuln.today

CVE Published

Mar 13, 2026 - 19:15 nvd

MEDIUM 5.0

DescriptionNVD

JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When JumpServer sends MFA/OTP codes via Custom SMS API, an attacker can intercept the request and capture the verification code BEFORE it reaches the user's phone. This vulnerability is fixed in v4.10.16-lts.

AnalysisAI

JumpServer prior to version 4.10.16-lts improperly validates certificates when sending MFA/OTP codes through a Custom SMS API Client, allowing an attacker to intercept SMS verification requests and capture one-time passcodes before they reach the user's phone. This vulnerability affects organizations using JumpServer as a bastion host and operational security audit system, potentially enabling unauthorized authentication bypass. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	This vulnerability presents a moderate but meaningful risk requiring contextualized evaluation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A network attacker positioned between a JumpServer instance and an external SMS provider (via BGP hijacking, DNS spoofing, or compromised router) initiates a TLS man-in-the-middle attack. When a legitimate user attempts to log into JumpServer and receives an MFA prompt, JumpServer sends an HTTPS request to the Custom SMS API Client containing the OTP code without properly validating the provider's certificate. …
Remediation	Immediately upgrade JumpServer to version 4.10.16-lts or later to apply the certificate validation fix in the Custom SMS API Client. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-31798 vulnerability details – vuln.today

Back