What is the CVSS score of EUVD-2026-26372?

EUVD-2026-26372 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of PDKS are affected by EUVD-2026-26372?

CVE-2026-7402 affects MeWare PDKS personnel and document tracking software versions V16.20200313 through VMYR_3.5.2025117, allowing authenticated users to bypass rate-limiting controls and trigger…

How to fix or mitigate EUVD-2026-26372?

Within 24 hours: Inventory all PDKS deployments and confirm installed versions against the affected range (V16.20200313-VMYR_3.5.2025117); restrict administrative and privileged account access to essential personnel only. Within 7 days: Contact MeWare Software Development Inc. for patch timeline and interim guidance; implement network segmentation to limit PDKS access to authorized users only and monitor for unusual request patterns. Within 30 days: Deploy rate-limiting and request throttling at the application or proxy layer if vendor patch remains unavailable; establish monitoring alerts for integrity anomalies in personnel and document records.

PDKS EUVD-2026-26372

| CVE-2026-7402 HIGH

Improper Control of Interaction Frequency (CWE-799)

2026-04-30 TR-CERT

Information Disclosure

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 30, 2026 - 13:31 vuln.today

EUVD ID Assigned

Apr 30, 2026 - 13:00 euvd

EUVD-2026-26372

Analysis Generated

Apr 30, 2026 - 13:00 vuln.today

CVE Published

Apr 30, 2026 - 12:48 nvd

HIGH 8.1

DescriptionNVD

Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding.

This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.

AnalysisAI

Remote authenticated attackers can flood PDKS (Personnel and Document Tracking System) through uncontrolled interaction frequency, achieving high integrity and availability impacts without confidentiality breach. This workforce management software by MeWare Software Development Inc. …

RemediationAI

Within 24 hours: Inventory all PDKS deployments and confirm installed versions against the affected range (V16.20200313-VMYR_3.5.2025117); restrict administrative and privileged account access to essential personnel only. Within 7 days: Contact MeWare Software Development Inc. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-26372 vulnerability details – vuln.today

Back