Skip to main content

Mpgabinet

3 CVEs product

Monthly

CVE-2026-40552 MEDIUM Monitor

Remote command execution in mpGabinet 23.12.19 and below allows authenticated database administrators or unauthenticated attackers (via chained exploitation of CVE-2026-40550 and CVE-2026-40551) to achieve system command execution by manipulating attachment storage paths in the database to reference attacker-controlled resources that execute when users open the files. The vulnerability requires direct database access and user interaction to trigger execution, but becomes unauthenticated when chained with companion CVE vulnerabilities that grant database and application access.

Information Disclosure Mpgabinet
NVD
CVSS 4.0
4.7
EPSS
0.0%
CVE-2026-40551 HIGH Monitor

Client-side authentication bypass in mpGabinet 23.12.19 and earlier allows local authenticated attackers to impersonate arbitrary users by patching the application binary. An attacker with legitimate low-privilege access to the system can manipulate the compiled application code to skip login verification entirely, gaining unauthorized access as any user including administrators. EPSS score not available for this 2026 CVE; no active exploitation or public POC confirmed at time of analysis.

Authentication Bypass Mpgabinet
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-40550 MEDIUM Monitor

mpGabinet 23.12.19 and earlier suffers from privilege escalation due to excessive database privileges assigned to the application service account. An attacker with local access to extract database credentials from the application process memory gains administrative database access, enabling unauthorized actions beyond what the application interface permits. CVSS 6.9 indicates high confidentiality impact from local access without authentication; no active exploitation confirmed in CISA KEV at time of analysis.

Privilege Escalation Mpgabinet
NVD
CVSS 4.0
6.9
EPSS
0.0%
EPSS 0% CVSS 4.7
MEDIUM Monitor

Remote command execution in mpGabinet 23.12.19 and below allows authenticated database administrators or unauthenticated attackers (via chained exploitation of CVE-2026-40550 and CVE-2026-40551) to achieve system command execution by manipulating attachment storage paths in the database to reference attacker-controlled resources that execute when users open the files. The vulnerability requires direct database access and user interaction to trigger execution, but becomes unauthenticated when chained with companion CVE vulnerabilities that grant database and application access.

Information Disclosure Mpgabinet
NVD
EPSS 0% CVSS 8.4
HIGH Monitor

Client-side authentication bypass in mpGabinet 23.12.19 and earlier allows local authenticated attackers to impersonate arbitrary users by patching the application binary. An attacker with legitimate low-privilege access to the system can manipulate the compiled application code to skip login verification entirely, gaining unauthorized access as any user including administrators. EPSS score not available for this 2026 CVE; no active exploitation or public POC confirmed at time of analysis.

Authentication Bypass Mpgabinet
NVD
EPSS 0% CVSS 6.9
MEDIUM Monitor

mpGabinet 23.12.19 and earlier suffers from privilege escalation due to excessive database privileges assigned to the application service account. An attacker with local access to extract database credentials from the application process memory gains administrative database access, enabling unauthorized actions beyond what the application interface permits. CVSS 6.9 indicates high confidentiality impact from local access without authentication; no active exploitation confirmed in CISA KEV at time of analysis.

Privilege Escalation Mpgabinet
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy