Uipress Lite

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-27091 MEDIUM This Month

UiPress Lite versions through 3.5.09 contain a missing authorization vulnerability (CWE-862) that allows authenticated users to exploit incorrectly configured access control security levels, enabling privilege escalation or unauthorized resource access. An attacker with low-level user credentials can bypass authorization checks to access or modify functionality restricted to higher-privilege roles. The vulnerability has a CVSS score of 6.3 with network-based attack vector requiring only low privileges, indicating moderate real-world exploitability.

Information Disclosure Uipress Lite
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-27091
EPSS 0% CVSS 6.3
MEDIUM This Month

UiPress Lite versions through 3.5.09 contain a missing authorization vulnerability (CWE-862) that allows authenticated users to exploit incorrectly configured access control security levels, enabling privilege escalation or unauthorized resource access. An attacker with low-level user credentials can bypass authorization checks to access or modify functionality restricted to higher-privilege roles. The vulnerability has a CVSS score of 6.3 with network-based attack vector requiring only low privileges, indicating moderate real-world exploitability.

Information Disclosure Uipress Lite
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy