CVE-2026-41031NVD

Vulnerability Summary

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials.

Severity Level

HIGH(8.7)

Published Date

Jun 9, 2026

Last Modified

Jun 9, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.04%Probability

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

User InteractionRequired

ScopeChanged

ConfidentialityHigh

IntegrityHigh

AvailabilityNone

External References

https://partner.skilja.com/uncategorized/security-advisory-stored-xss-in-vinna-process-monitor-cve-2026-41031/

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-41031NVD

Vulnerability Summary

External References