Skip to main content

Vitals Esp

2 CVEs product

Monthly

CVE-2026-4640 HIGH This Week

Vitals ESP, a software product developed by Galaxy Software Services, contains a Missing Authentication vulnerability that allows unauthenticated remote attackers to execute certain functions and obtain sensitive information. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector requiring no privileges or user interaction, resulting in high confidentiality impact. This issue was reported by Taiwan CERT (twcert) and is classified as an Authentication Bypass vulnerability.

Authentication Bypass Vitals Esp
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-4639 HIGH This Week

Vitals ESP, a healthcare software product developed by Galaxy Software Services, contains an incorrect authorization vulnerability that allows authenticated remote attackers with low-level privileges to escalate their access and perform administrative functions. The vulnerability has a CVSS score of 8.8 (High), indicating network-based exploitation with low attack complexity requiring only low-level authentication. No KEV listing or EPSS data is currently available, though Taiwan CERT (TWCERT) has published advisories on this issue.

Authentication Bypass Vitals Esp
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
EPSS 0% CVSS 8.7
HIGH This Week

Vitals ESP, a software product developed by Galaxy Software Services, contains a Missing Authentication vulnerability that allows unauthenticated remote attackers to execute certain functions and obtain sensitive information. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector requiring no privileges or user interaction, resulting in high confidentiality impact. This issue was reported by Taiwan CERT (twcert) and is classified as an Authentication Bypass vulnerability.

Authentication Bypass Vitals Esp
NVD VulDB
EPSS 0% CVSS 8.7
HIGH This Week

Vitals ESP, a healthcare software product developed by Galaxy Software Services, contains an incorrect authorization vulnerability that allows authenticated remote attackers with low-level privileges to escalate their access and perform administrative functions. The vulnerability has a CVSS score of 8.8 (High), indicating network-based exploitation with low attack complexity requiring only low-level authentication. No KEV listing or EPSS data is currently available, though Taiwan CERT (TWCERT) has published advisories on this issue.

Authentication Bypass Vitals Esp
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy