What is the CVSS score of CVE-2026-32405?

CVE-2026-32405 has a CVSS 3.1 base score of 5.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of Woodmart are affected by CVE-2026-32405?

CVE-2026-32405 presents moderate security risk rated CVSS 5.3. Exploitation could compromise the security of affected deployments.

Woodmart CVE-2026-32405

Q: How to fix or mitigate CVE-2026-32405?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

EUVD-2026-11922 MEDIUM

Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)

2026-03-13 Patchstack

Information Disclosure Woodmart

5.3

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

5.3 MEDIUM

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 13, 2026 - 16:57 euvd

EUVD-2026-11922

Analysis Generated

Mar 13, 2026 - 16:57 vuln.today

CVE Published

Mar 13, 2026 - 11:42 nvd

MEDIUM 5.3

DescriptionCVE.org

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a through <= 8.3.9.

AnalysisAI

WoodMart versions 8.3.9 and earlier expose sensitive embedded system information to unauthorized parties through improper access controls, allowing remote attackers to retrieve confidential data without authentication. The vulnerability carries medium severity with a 5.3 CVSS score and currently lacks an available patch, affecting deployments of the affected WoodMart versions.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	Exposed information (credentials, internal paths, user data, configuration) can be leveraged for further attacks or regulatory violations. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker triggers error conditions or accesses improperly protected endpoints to extract sensitive internal information from the application.
Remediation	Implement proper access controls. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-32405 vulnerability details – vuln.today

Back

Woodmart CVE-2026-32405

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code