← Back to CVEs
CVE-2026-40551
N/ADescription
mpGabinet performs client-side authentication. An attacker with access to any application instance connected to the backend server can bypass the login verification process by manipulating the application binary and authenticate as an arbitrary user. This issue affects mpGabinet version 23.12.19 and below.
CVE Details
CVSS v3.1 ScoreN/A
Published4/28/2026
Last Modified4/28/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-603
References
https://cert.pl/posts/2026/04/CVE-2026-40550/(cvd@cert.pl)
https://www.mpgabinet.pl/(cvd@cert.pl)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.