Skip to main content

Liman MYS EUVDEUVD-2026-42034

| CVE-2026-11348 HIGH
Improper Verification of Cryptographic Signature (CWE-347)
2026-07-07 iletisim@usom.gov.tr GHSA-cmjg-6q27-6fr4
8.1
CVSS 3.1 · Vendor: usom
Share

Severity by source

Vendor (usom) PRIMARY
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
9.1 CRITICAL

Network-reachable JWT forgery needs no auth or interaction (AV:N/PR:N/UI:N); typical alg-confusion bypasses are low complexity (AC:L, versus NVD's AC:H); spoofing yields high C/I but no clear direct availability impact (A:N).

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (usom).

CVSS VectorVendor: usom

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jul 07, 2026 - 12:31 vuln.today

DescriptionCVE.org

Improper verification of cryptographic signature vulnerability in HAVELSAN Inc. Liman MYS allows Fake the Source of Data.

This issue affects Liman MYS: before release.Master.1107.

AnalysisAI

Signature verification bypass in HAVELSAN Liman MYS (versions before release.Master.1107) lets remote attackers forge the source/authenticity of data - tagged as a JWT attack - enabling identity spoofing and likely authentication bypass. Per CVSS the vector is network-based and unauthenticated (AV:N/PR:N) with high impact to confidentiality and integrity. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach Liman MYS web/API endpoint
Delivery
Craft forged JWT bypassing signature check
Exploit
Submit token to authenticate as trusted user
Execution
Impersonate administrator / read sensitive data
Impact
Execute management actions on hosts

Vulnerability AssessmentAI

Exploitation Exploitation requires network access to the Liman MYS application's authentication/token-handling surface (the JWT-processing endpoint) on a vulnerable build before release.Master.1107; the attacker must construct a token that abuses the improper signature check (per the 'Jwt Attack' tag, e.g. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The NVD CVSS is 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H): remotely reachable, no privileges or user interaction, but rated high attack complexity. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can reach the Liman MYS web interface crafts a forged token (e.g., a JWT with a manipulated algorithm or unsigned/attacker-signed payload) that the server accepts as authentic due to improper signature verification, impersonating a trusted or administrative user. With that forged identity the attacker reads sensitive data and issues management actions. …
Remediation Vendor-released patch: upgrade Liman MYS to release.Master.1107 or later, which corrects the signature-verification flaw; this is the primary and recommended remediation. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all HAVELSAN Liman MYS deployments (versions before release.Master.1107) and classify by business criticality; contact HAVELSAN support to confirm patch timeline and request interim guidance. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2013-3900 MEDIUM
5.5 Dec 11

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update

CVE-2026-48558 CRITICAL POC
9.5 Jun 12

Authentication bypass in SimpleHelp 5.5.15 and prior (plus 6.0 pre-release builds) allows remote unauthenticated attacke

CVE-2025-59718 CRITICAL
9.8 Dec 09

Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to

CVE-2025-25291 CRITICAL POC
9.3 Mar 12

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS

CVE-2025-25292 CRITICAL POC
9.3 Mar 12

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS

CVE-2022-25898 CRITICAL POC
9.8 Jul 01

The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT

CVE-2024-42004 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. Rated criti

CVE-2024-41145 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.27

CVE-2024-41138 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work

CVE-2024-45409 CRITICAL POC
9.8 Sep 10

The Ruby SAML library is for implementing the client side of a SAML authorization. Rated critical severity (CVSS 9.8), t

CVE-2022-35929 CRITICAL POC
9.8 Aug 04

cosign is a container signing and verification utility. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2022-31053 CRITICAL POC
9.8 Jun 13

Biscuit is an authentication and authorization token for microservices architectures. Rated critical severity (CVSS 9.8)

Share

EUVD-2026-42034 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy