NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-40543

Summary	SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacker can directly query backup-related endpoints and retrieve backup archives containing user databases with usernames and password hashes, as well as the config.csv file, which includes additional sensitive information. This issue affects SOPlanning version 1.55 and below.
Publication Date	June 1, 2026, 6:16 p.m.
Registration Date	June 2, 2026, 4:17 a.m.
Last Update	June 2, 2026, 1:37 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://cert.pl/en/posts/2026/06/CVE-2026-40543	cvd@cert.pl
2	https://www.soplanning.org/en/	cvd@cert.pl

Common Vulnerabilities List